New ‘Morpheus’ CPU Design Defeats Hundreds of Hackers in DARPA Tests
A new microprocessor design is being lauded for its security features after nearly 600 experts failed to hack it in a series of tests last summer. The new processor, codenamed “Morpheus,” continually rewrites its own architecture, making it impossible for an attacker to target the kinds of flaws that allow Spectre and Meltdown-style side-channel attacks against conventional x86 processors.
Morpheus was developed as part of a DARPA-funded project. Some 580 experts attempted to hack a medical database by injecting code into the underlying machine. Despite burning 13,000 hours collectively in an effort to hack the system, the effort failed.
“Today’s approach of eliminating security bugs one by one is a losing game,” said Todd Austin, professor of computer science and engineering at the University of Michigan. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities… With MORPHEUS, even if a hacker finds a bug, the information needed to exploit it vanishes 50 milliseconds later. It’s perhaps the closest thing to a future-proof secure system.”
Morpheus was implemented using the gem5 simulator on a Xilinx FPGA and simulates a MinorCPU 4-stage in-order core running at 2.5GHz with a 32KB L1i and 32KB L1d. The L2 cache was 256KB. This is not a high-performance x86 CPU you can run out and buy, in other words.
According to Austin, his research team at the University of Michigan focused on making Morpheus a difficult target for any CPU-targeting exploit rather than focusing on building a chip that could defeat a specific class of exploits. The question was, how do you hide critical information from the attacker, without screwing up what the programmer is attempting to do — namely, write effective code?
Austin’s team settled on the idea of obfuscating a class of data known as “undefined semantics.” Undefined semantics are pieces of information the end-user or programmer doesn’t need to know in order to operate a system. Austin uses the analogy of driving a car. To drive a vehicle, you need to know how to operate the steering wheel, the gearshift, and the pedals. You do not need to know how much horsepower the engine makes, or whether the car is using synthetic or standard oil, or what brand of antifreeze is in the engine. These types of traits, according to Austin, are the undefined semantics of the vehicle.
Morpheus achieves this by encrypting memory pointers every 100 milliseconds, over and over again. By continually encrypting data, the project denies attackers the time window they’d need to successfully launch an attack in the first place. Austin refers to this as attempting to solve a Rubik’s Cube that rearranges itself every time you blink. The performance penalty for this kind of encryption, according to the team, is about 10 percent.
The Morpheus design team refers to this constant pointer encryption scheme as “churn,” and they’ve measured the performance impact.
At 100ms, the performance impact is minimal. As the churn speed increases, so does the performance impact, but even churning every 50ms keeps the performance hit tolerable in the average case. The worst-case impact is higher, but this isn’t a CPU that’s ever going to be running SPEC in the first place, so we’d have to see the impact of such a scheme on higher performance chips before drawing firm conclusions.
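The churn behaviour described above can be modelled in a few lines of C. This is an added illustration, not code from the Morpheus project: the mixing function, the xorshift key generator, the single pointer slot and all names are assumptions standing in for hardware the article does not detail. It shows that a pointer value disclosed in one churn period no longer decodes to the right address in the next, while the program's own loads are unaffected.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of churn; NOT the Morpheus hardware. Cipher, RNG and names are assumptions. */
static uint64_t epoch_key = 0x0123456789ABCDEFULL;  /* constructed starting key */
static uint64_t rng_state = 0x9E3779B97F4A7C15ULL;  /* constructed RNG seed */
static uint64_t slot;                               /* one pointer as it sits in memory (encrypted) */

static uint64_t rotl(uint64_t v, int r) { return (v << r) | (v >> (64 - r)); }
static uint64_t rotr(uint64_t v, int r) { return (v >> r) | (v << (64 - r)); }

/* Stand-in invertible mixing function; a real design would use a block cipher. */
static uint64_t enc(uint64_t p, uint64_t k) { return rotl(p ^ k, 17) + k; }
static uint64_t dec(uint64_t c, uint64_t k) { return rotr(c - k, 17) ^ k; }

static uint64_t next_key(void) {                    /* xorshift64, stand-in for a hardware RNG */
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 7;
    rng_state ^= rng_state << 17;
    return rng_state;
}

void store_ptr(uint64_t plain) { slot = enc(plain, epoch_key); }
uint64_t load_ptr(void)        { return dec(slot, epoch_key); }

/* Churn: pick a fresh key and re-encrypt the stored pointer under it. */
void churn(void) {
    uint64_t fresh = next_key();
    slot = enc(dec(slot, epoch_key), fresh);
    epoch_key = fresh;
}

/* An encrypted pointer disclosed at t=0 is used delay_ms later.
   Returns 1 if it still decodes to the original address, 0 if not, -1 on error. */
int stale_value_still_valid(uint64_t target, unsigned delay_ms, unsigned period_ms) {
    if (period_ms == 0) return -1;
    store_ptr(target);
    uint64_t disclosed = slot;                      /* what a memory disclosure would reveal */
    for (unsigned t = period_ms; t <= delay_ms; t += period_ms)
        churn();                                    /* one churn per elapsed period */
    if (load_ptr() != target) return -1;            /* legitimate loads must be unaffected */
    return dec(disclosed, epoch_key) == target;
}

int main(void) {
    uint64_t target = 0x00007ffd12345678ULL;        /* constructed address */
    printf("used within the period: %d\n", stale_value_still_valid(target, 30, 100));
    printf("used after churn:       %d\n", stale_value_still_valid(target, 250, 100));
    return 0;
}
```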
As Austin notes, this memory encryption approach doesn’t stop every kind of attack you can launch against a system. High-level attacks like SQL injection and man-in-the-middle webserver attacks would still work perfectly. Spearphishing techniques that target people would be completely unaffected. The work presented here, meanwhile, does not offer a simple onboarding method to allow Intel and AMD to take advantage of it.
Still, Morpheus suggests that better protection from side-channel attacks is possible — and end-users might be willing to trade 5-10 percent of theoretical performance in exchange for the security of knowing they won’t be hit with mid-cycle updates that remove that much performance anyway. It should be noted that while Morpheus is being called “unhackable” in certain publications, Austin himself disputes that view, telling IEEE Spectrum: “I think it is hackable. But it’s super hard to hack.”