Maynard Handley (name99.delete@this.name99.org) on December 12, 2018 11:41 am wrote:
> wumpus (lost.delete@this.in.a.cave) on December 12, 2018 11:07 am wrote:
> > Maynard Handley (name99.delete@this.name99.org) on December 12, 2018 10:32 am wrote:
> > > Anon (No.delete@this.email.com) on December 11, 2018 11:29 pm wrote:
> > > > Maynard Handley (name99.delete@this.name99.org) on December 11, 2018 4:32 pm wrote:
> > > > > Anon (no.delete@this.email.com) on December 11, 2018 4:21 pm wrote:
> > > > > > Maynard Handley (name99.delete@this.name99.org) on December 11, 2018 7:20 am wrote:
> > > > > > >......
> > > > > > > The crypto has to be appropriate to the problem. This is NOT the equivalent of network crypto.
> > > > > > > For example, suppose the equivalent of a random key burned into the device is XOR'd with everything
> > > > > > > going into and out of an MRAM cache (maybe also XOR-in the relevant addresses).
> > > > > > > Is that good enough? On the off-chance that someone could extract the contents
> > > > > > > of the MRAM cache (which may or may not be true?) the assumption is always
> > > > > > > that they CANNOT extract the contents of these sorts of hardware keys.
> > > > > >
> > > > > > Such a scheme would be about as secure as writing a key on a yellow postit on your monitor.
> > > > >
> > > > > Why do you say that?
> > > > > This is not a situation where one can watch a constant stream of data and extract statistics.
> > > > > My threat model is that someone steals a laptop, delids the chip, and has access to the
> > > > > frozen contents of the MRAM data. Not even the cache tags, just a collection of lines
> > > > > of data; and not a constant, changing, stream of data as the CPU executes.
> > > > >
> > > > > Is that the threat model you believe you have in mind? If not, well, we are not discussing the same thing.
> > > >
> > > > Unfortunately it makes no difference, a stream versus a static
> > > > corpus does not make a difference to many forms of attack.
> > > >
> > > > >
> > > > >
> > > > > > Unfortunately the fact is that good encryption is hard, and somewhat computationally involved.
> > > > > >
> > > > > > Not to mention the fact that with a static key, both ends
> > > > > > need that key, as as soon as it leaks, its game over.
> > > > >
> > > > > Slogans are great. But the relevance of this one is not especially clear to me.
> > > >
> > > > What do you think is a slogan? That is a simple fact. What part of it doesn't make sense?
> > > > The key is the key.. Abs it must exist at both ends.. If I've of them is insecure
> > > > then the game is over. Too much like a slogan? Sorry but it is simple fact.
> > >
> > > I don't know what "both ends need that key" provides in this context.
> > > I'm assuming a fused key that cannot be read by external means and that this
> > > key is held in NON-persistent storage (ie a standard register) by the cache
> > > controller. I'm not sure how these two facts make the system insecure.
> > >
> > > If you're assuming the fused key end can be read, well, then you're assuming
> > > away the security in pretty much EVERY piece of hardware on earth.
> > > If you're assuming that the laptop can be snatched away and data read from non-persistent registers,
> > > well, then why is MRAM adding any new insecurity --- your magic microscope that can read registers
> > > can just read whatever it wants from any part of the laptop you have snatched.
> >
> > That might work, but it defeats nearly all the points of having non-volitile cache (except the ability
> > to write-back). I'd expect to simply use SRAM if I needed a duplicate SRAM cache with my MRAM cache,
> > but perhaps those that want persistent storage care enough for such an encryption model.
>
> I don't get this. What was so unclear in what I said?
> The key that I am assuming XOR'd with MRAM data does not, I think, have to be the size of the entire cache!
> Suppose it is just the size of a line, and we also XOR in the address of the line. Now obviously this is
> not perfect, we are now repeating the secret for each line, but the adversary does not know the original
> contents of the line (or any pattern there), neither does the adversary know the address of each line.
>
> Like I said, I'm not claiming this is invulnerable; but my guess is that there is SOMETHING possible
> along these lines (hashing a large [but not crazy large, say one cache line] secret and the address
> of a line with the data) that's both good enough crypto AND fast enough to be usable.

I suggest you read up on what a known plaintext attack is, and how incredibly trivial it would be in this case (or do you not realise that your memory will be FULL of known plaintexts?).
The effort to physically get the memory and read it out would probably be higher than breaking such encryption..

> Oh, I guess one hidden assumption *I* made, namely that MRAM persistence is NOT a goal
> of these fast caches, it's an unfortunate side effect of the density. So hashing in non-persistent
> data like a line address (I'm assuming tags stored in SRAM) is fine...

Hashing in the address doesnt do anything to help unless the address is not predictable..
And addresses tend to be somewhat predictable.

>
> IF your goal is a persistent L2 or L3 CACHE, well
> (a) I don't understand the problem you're trying to solve
> (b) presumably this thing should not be treated via cache assumptions; in particular there should now
> be a willingness to throw more than just one or two cycles additional latency at the crypto, no?
>