Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


RamBleed "we used RAMBleed to leak a 2048 bit RSA key"
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

RamBleed "we used RAMBleed to leak a 2048 bit RSA key"

NeoonNeoon Community Contributor, Veteran
edited June 2019 in General

https://rambleed.com/

"As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well. "

Thanked by 2datanoise dahartigan

Comments

  • sanvitsanvit Member

    The end is nigh

  • jsgjsg Member, Resident Benchmarker

    Frankly, I'm not worried. Multiple reasons. For one such work is almost always done in lab conditions which usually are very different from the wild out there. Another point to note is that in this case (which certainly wasn't chosen by random) the algorithm played a major role and helped a lot; note that a 2048 bit key ~ 256 bytes which due to its size and the size of L1 caches risks to be re-read from memory. With a (significantly smaller) ECC algorithm the whole story is quite different. Another culprit is the fact that keys (of any kind) are in "clear" in the RAM in the first place. That is a protocol and implementation problem that could be mitigated.

    So I do not expect any significant real world problems due to Rambleed anytimes soon and, if they came up, they could be mitigated.

    If one really wants to be worried then there is a whole lot of other problems, beginning with serious processor vulnerabilities and not ending with poor design and implementation of major security software (libraries, TLS, etc.).

    But: nice research.

    Thanked by 2Xei FHR
  • level6level6 Member

    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

  • JanevskiJanevski Member
    edited June 2019

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    Yes, but i can't upgrade my board, it's DDR3.
    This basically means new computers for all...

    Even more so for embedded devices.
    Meh, fuck it, safe enough.

    Thanked by 1bugrakoc
  • tetechtetech Member

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    That's ridiculous advice.

    Thanked by 1FHR
  • NeoonNeoon Community Contributor, Veteran

    @tetech said:

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    That's ridiculous advice.

    Of course, you just buy DDR4 and put it into DDR2 machines, will work like magic.

  • tetechtetech Member

    @Neoon said:

    @tetech said:

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    That's ridiculous advice.

    Of course, you just buy DDR4 and put it into DDR2 machines, will work like magic.

    You mean "it will be magic if it works" :-D

  • NeoonNeoon Community Contributor, Veteran

    @tetech said:

    @Neoon said:

    @tetech said:

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    That's ridiculous advice.

    Of course, you just buy DDR4 and put it into DDR2 machines, will work like magic.

    You mean "it will be magic if it works" :-D

    The important thing is, to keep the power on, so it sparks.
    Makes it feel more like magic.

  • HarambeHarambe Member, Host Rep

    @Neoon said: Makes it feel more like magic.

    They call it magic blue smoke for a reason :smile:

  • jsgjsg Member, Resident Benchmarker

    @level6 said:
    Everyone DO THIS, NOW!!!

    Users can mitigate their risk by upgrading their memory to_ DDR4 with targeted row refresh (TRR) enabled_. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice.

    Yeah right, panic is the perfect solution.

    Btw, in case my wording above was too complicated: There are plenty far more real world dangers out there.

  • level6level6 Member

    I hope that nobody thinks I was suggesting they follow the Rambleed advice. I'll have to start using a sarcam tag? :(

    At the moment I'm using an old AMD DDR3 machine that's working fine, and no plans to change the mb/memory/cpu due to this new "threat."

  • willKwillK Member
    edited June 2019

    RSA 512 compromised sometime ago. I know this is side-channel and can be avoided but will the day come when RSA 2048 can be broken with brute force...

  • FHRFHR Member, Host Rep

    The attack will probably not be usable in the real world. There's usually too much noise on hypervisors to make any attempt of reading memory of other guests useless.

    Thanked by 1vimalware
  • sinsin Member

    @FHR said:
    The attack will probably not be usable in the real world. There's usually too much noise on hypervisors to make any attempt of reading memory of other guests useless.

    no one wants to read my porn anyways :(

Sign In or Register to comment.