Skip to content
Naked Security Naked Security

Shapeshifting Morpheus chip aims to baffle hackers

Morpheus aims to make hacking so difficult at microprocessor level that attackers will give up long before they can do any damage.

Researchers at the University of Michigan call it ‘Morpheus’ and it aims to make hacking so difficult at microprocessor level that attackers will give up long before they get the chance to do any damage.

It’s the sort of pitch that will strike most people as pretty sensational, which is why the engineers behind the project are disinclined to call it ‘unhackable’ even as some journalists have written about it in such exaggerated terms.

Backed by the famous US Defense Advanced Research Projects Agency (DARPA), Morpheus is a new chip architecture that sets out to counter weaknesses in today’s microprocessors, which the researchers believe make vulnerabilities and their exploits impossible to defend against.

Today’s cyberattacks typically use malware to misuse basic programming possibilities such as permissions and code injection, or to manipulate unusual states, for example memory buffer overruns (a ‘control-flow’ attack) and information leakage.

This looks like an unavoidable software problem that exploits programming possibilities, which is how today’s industry treats them when they expose and patch vulnerabilities – essentially a way of rewriting code so that an error state is no longer possible.

It’s a neverending job because new code keeps getting added, which adds new vulnerabilities, requiring new patches.

Less commented upon is that attacks also rely on making assumptions about how a microprocessor manages its own on-chip and system memory in a predictable way.

It is this complex layer that Morpheus sets out to change by encrypting and randomising or ‘churning’ data every 50ms – faster than any attacker can locate it – in effect making many common vulnerabilities impossible to exploit.

The University of Michigan’s Todd Austin often explains this to journalists using the analogy of a Rubik’s Cube:

Imagine trying to solve a Rubik’s Cube that rearranges itself every time you blink. That’s what hackers are up against with Morpheus. It makes the computer an unsolvable puzzle.

Another way of understanding it is that it’s a lower-level and more powerful version of current techniques such as Address Space Layout Randomisation (ASLR).

This ‘moving target’ defence wouldn’t make computers unhackable – Morpheus doesn’t address every type of attack – but it would at least greatly reduce the attack surface.

Side channel

The clever part is that using a Morpheus-based microprocessor would not require developers to do anything because the protections work at the hardware level.

Inevitably, there are some downsides – primarily that the extra resource management hits performance and requires physically redesigned and possibly larger microprocessors.

Nevertheless, Morpheus’s significance could be that it influences a new generation of microprocessor designs, having impressed when tested against a subset of real-world attacks.

Morpheus also has wider potential, note the researchers:

Beyond control-flow attacks, we envision that a similar approach could be adopted to protect against side-channel attacks, timing attacks, Rowhammer attacks, and even cache attacks.

Indeed, with side-channel attacks on microprocessors themselves suddenly a big worry, this might be the capability that makes Morpheus something big chip makers will grab with open arms.

5 Comments

Now chip makers have a better reason to make better chips, other than compensating for MS bloatware. lol

Modern CMOS circuits dissipate almost no power when they aren’t switching. The faster they switch, and the more circuits that switch, the hotter the chip gets. That’s why there’s no longer a race among manufacturers for faster clock speeds; they add more “cores” instead.

50 ms is not very frequent in computer terms, but if there’s a lot of circuits switching, heat will be produced. Thermal management is one of the ways apps compete for resources. Even the Task Manager in Windows 10 shows which apps are consuming the power.

This is the long way around to the answer about whether dynamic data encryption interferes with bitcoin mining. It does. How much so depends on how many circuits are involved and how often.

>Unhackable
>Morpheus doesn’t address every type of attack

Choose one.

“the engineers behind the project are disinclined to call it ‘unhackable’ even as some journalists have written about it in such exaggerated terms.”
“This ‘moving target’ defence wouldn’t make computers unhackable”

The two mentions of ‘Unhackable’ in the article. Read it.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?