Schneier on Security

Clive Robinson • January 27, 2018 4:21 AM

@ Cassandra,

It looks like things were lining up for Meltdown and Spectre to be discovered a lot earlier than some people may have first thought.

They have been lining up since the 1980’s if not before. In Intel’s case they have way to much backwards compatibility they are trying to carry forward[1].

However the problem is well known and it’s security dangers likewise.

If you look back on this blog you will find one of my mantras is “Efficiency-v-Security” and as I’ve explained as you increase efficiency you open up time based side channels that can relatively easily be exploited. Unless you realy know what you are doing it the design domain then the net result is security decresses faster than efficiency rises.

This is the fundemental problem behind the four issues that have arrisen with Spector and Meltdown.

But specifically Cache Timing Attacks were known in the Open Community aways prior to the start of the AES competition. We have good reason to belive that the NSA finessed both NIST and the AES competition to ensure that cache timing attacks would be in most if not all implementations of AES so that the leakaged of key information would be recoverable not just within the computer but fairly far out into the network (ie past many LAN to WAN transitions).

So yes I would expect parts of the NSA to be fully cognizant of the cache timing and similar issues that are the cause of Spector and Meltdown, “No if’s, but’s or maybe’s”.

@ ALL,

The real underlying problem is one of physics and trying to cheat natures laws.

In this case the speed of light in an ideal medium given as “C” in most equations. Which is a little under “3 times 10 to the eight meters per second” or 300,000,000 m/S. Sounds a lot but it’s realy not, To see why, time is in effect the inverse of frequency (f=1/t) thus as clock speeds go up distances go down way down. At 1GHz light travels ~1ft that is a 12inch / 30cm ruler you have on your desk, so a 3GHz clock gives 4inches or 100mm tops. At one pico second –a speed engineers talk about routinely– you are looking at a distance similar to a small grain of sand, which is way way way less than the dimensions of IAx86 chips.

If you work out how far the “round trip distance” is on a Printed Circuit Board (PCB) you will be somewhat supprised at just how short distances need to be. But remember that because of the board dialectric and transmission line effects the effective distance is reduced. This reduction is known as “Velocity factor” and in ordinary coax you are looking at 0.6-0.7C in twisted line that is used in Cat1 and above Unshielded Twisted Pair (UTP) and similar cables it can get down to 0.1C.

It’s the one reason why the bus speed between the CPU chip pins and the memory chip pins is kept down to ~0.333GHz or 1/10th of clock speeds on chips. Thus the distance would be around 50cm or a little over one and two thirds feet round trip in free space. But with velocity factor and “data clocking” and “gate delay” in chips and PCB routing issues to ensure the PCB traces are the same length you are down to around 15cm or 6inches distance max…

This 1/10th the speed of the CPU internal clock is why CPU chips have multi level “Cache Memory” on board to bring the effective distance between the memory and the internal Arithmetic Logic Unit (ALU) where the actual “Data Processing” is done down way down.

But another fly hits the ointment at high speed which is to do with von Neumann architectures and Virtual memory. The von Neumann architecture shares data and instructions in the same memory, which has significant implications in that OS’s as we know them. They can not run without “instructions being treated as data to load programs” etc and the sharing of data and instructions causes real slow down issues the closer you get to the ALU. So most modern CPUs internally are Harvard architecture thus have seperate data and instruction caches close in. But the seperation of instructions and data means there are addressing issues which need to be dealt with. Likewise the internal CPU view of addresses called the “logical address” view for similar reasons is not that of the external memory and it’s “physical address” view. The chaging of this view is traditionaly done by the Memory Managment Unit (MMU), but… In the IAx86 it was designed with “a poor man’s MMU” known as “segmentation” done via the segment registers which are as close to the ALU as the other registers thus inside of the address translation done in the MMU that was added later. This unfortunatly is a major source of backwards compatability issues[1] that most other CPU architectures just do not have for very good reason.

Thus close to the ALUs in a core you have seperate data and instruction caches, that use some warped internal logical addressing. The other side of the MMU are other on chip caches that use physical addresses, that make the Physical RAM look both a lot closer and a lot faster. So it’s possible for the likes of loops to only use the caches and not external memory. Unfortunatly due to the idea of using multiple cores and CPU chips for parallel processing there is a whole load of other logic involved in keeping the real external memory in sync with the internal cache memory. Like the instruction decode logic this runs at the CPU clock speed and thus generates even more heat.

Which brings out the issue of “efficiency” the drive for marketing reasons would have been the old “Specmanship” speed of work done for a chosen test type. This invariably means more heat at any given efficiency rating, so to avoid “heat death” efficiency had to be improved which mostly means taking things out to minimise component count etc. This has a side effect of opening up time based side channels over and above the other reductions in security…

But ultimately security in computers boils down to one thing, “Memory” because it holds the configuration and settings information. The only thing protecting the security is the MMU, the configuration page tables of which are kept in “memory”. Even the “Secure enclaves”, “Managment Engine” and other things are controled by the contents of “Memory”.

Thus if you can get at the “Memory” you “Own the System”. There are three basic ways to protect memory,

1, Physical segregation
2, Logical segregation.
3, Encryption.

Physical segregation uses entirely seperate memory chips with entirely seperate address and data buses. Which is not just expensive in components, it also needs entirely seperate address and data lines. Which means increased PCB real estate, which makes things difficult at best, which is why it is rarely to never used these days.

Which is why logical segregation via VM and page tables is the usuall solution for security these days. But Rowhammer made it obvious that “reach down” attacks were more than possible. Further Spector and Meltdown have shown that “reach around” attacks are possible. Also the long known sidewise attacks through I/O and DMA. There are also “bubbling up” attacks from low level gates and “test harness” logic that have yet to be weaponised and Open POC code developed, and is one of the “scary things” about “supply chain poisoning”, which is why the DoD put quite a bit of money into developing defences, with the most promising lines having now “Gone Black”.

Which leaves us with encryption.

Encryption currently is, always has been and probably always will be both a problem and messy.

Memory encryption is not a new idea, it’s been around for over a third of a century, the problem is it’s never realy been implemented in the correct way for a number of reasons. The simple comparison to understand why is with that of mutable storage such as hard dosks. The fairly well known problem that of the difference between Full Disk Encryption (FDE) and File encryption.

FDE only gives protection to “data at rest” where as File Encryption protects whilst the system is up and running with multiple users.

The same applies to RAM encryption using a single key for the whole RAM might protect against attackers getting at the external to the CPU RAM with logic analysers and the like, but it will not protect against multiple users in the system. Like File Encryption you need to protect each user process/thread space using different encryption keys. Thus if one users data does get pulled into cache by another users process it’s value is effectively meaningless.

What it will not protect against is applications that have multiple threads that should be kept secure from each other, unless the thread spaces can be encrypted from each other. Which might be difficult in some applications.

The point to remember is “security was taken out to improve throughput”. You can not expect to put the security back without incurring a penalty atleast proportional to that which was originally taken out…

Look at it this way, take the safety features out of a car and it will either go faster or further for the same fuel. But you will die or be injured a lot more easily than with the safety features that have a time/cost penalty. The choice is yours, go faster but at greater risk, or be safer at a more pedestrian rate…

The same applies to the Intel CPU chips… The real trick in both cases is finding the engineering “sweet spots”, but that as they say is a conversation for another day.

[1] Abother major source of backwards compatability issues is that the IAx86 Instruction set is overly complex, and way beyond that which most programmers can gey their heads around effectively. The reason is that a complex instruction set is a form of compression that means more “information” per external bus clock cycle is transfered which speeds things up, or atleast that was the idea. The problem is a very large and complex instruction decode logic which chews up power and makes things way way more complex than they need to be especially with the managment of data… Which has knock on effects.

Clive Robinson • January 28, 2018 5:35 AM

@ Nick P,

They’re [Intel] instead doing the backward compatibility and lock-in that meets their actual goals of high profits for executives and shareholders. Incentives like that are why we need regulation.

What we need is “the right regulation”, which given the current US legislators trends are actually going to be worse than no regulation…

Part of the problem in this respect is “Fines not Terms” mentakity from the various USG entities when it comes to sanctions. We see this with the Finance Industry, with eye wateringly large fines given to banks and the like, who just pass the cost on to their customers with a bit more to generate a bit of slack for the “Next Taxing”. It kind of looks good till you realise the banks and large corps are set up to not just pass the cost to their customers, but also write off the fine against tax. So the net impact on the company is marginal at best…

In the case of Intel’s CEO, his share trading is something anyone reading about it with more than half a brain will have questions about along the lines of “how many years…”.

The second thing people will likewise want to know, was why everyone was pushed into secrecy till after the Xmas spending boom, which Intel will have done very nicely out of…

This kind of tells you what legislation Intel’s lobbyists will buy from the legislators.

So I’m guessing the only action of any serious kind would come from Europe.

The problem in Europe like most other places is the feeling that you would be cutting your own throat if you did hit Intel hard.

There is after all no compulsion other than profit for Intel to sell into Europe or else where in the world. Thus they could simply “turn off the gas” on the supply line side of things, by rigging contracts and terms they have with major suppliers. Microsoft did similar in the past so Intel could do the same. In fact they would only need limit the supply of “new CPUs” alowing only the near EOL or less popular lower profit etc CPUs in.

The result would be much the same which is “fear of being less competitive” would put preasure on the politicos to ease up on Intel…

As we are going to see with the current “crisis” most people do not use even a fraction of the CPU power they have so the 30-50% slowdown will have next to no discernable effect on them. It’s only the high end users who will be hit. But that’s were it gets interesting. One of the reasons various large US Corps set up data centers in Europe was to stop competition developing. Intel rateling the chain may well act to there advantage…

The downside though is Intel’s percieved effectively Monopoly market. Well things are changing in that area and have been for a while. The running costs of Intel Architecture and it’s price points are very uncompetitive and getting worse. It’s why some are looking at ARM –which used to be British– with FPGA for supercomputer and cloud applications. Fujitsu for instance have indicated that their future lies in the ARM direction for the chips for their future supercomputers. Rosey as Intel’s position appears to be, they have some quite genuine fears. The desktop market is dying as you watch, most home computing is based on “portable convenience” and thus “good battery life” both of which have favoured ARM for quite some time now. Heck you can by smart phones with more grunt and less power consuption than desktops of even five years ago.

So this has the potential to be a several bowls of pop-corn event…

Clive Robinson • January 29, 2018 7:33 PM

@ Who?,

A good way to prove embargoes are useless is looking at what is happening right now. The way this incident is being managed after seven months is no better than an incident that is publicly disclosed as soon as it is discovered.

It proves that not just “embargoes” are usless, it also proves that “free markets” that are actually monopolies / cartels are likewise usless as they are not markets as most people would think of them. But it will also prove that there are also other knock on effects that can be used to create faux markets for rent seekers.

I could go on at length about why Intel has “rigged the market” over the years and the fact the US Government has turned a blind eye to Intel / Microsoft and other US high tech companies doing so. But I won’t as this will turn the conversation into one about the “politics of regulation” and miss a more important point, that will almost certainly cost more.

My actual point is that this whole Spector / Meltdown situation shows another significant failing, which is rather more insidious (but is driven by my previous point).

Since the floating point bug some years ago now, Intel has tried to run their hardware product like a software product. That is by developing a policy of “Patch not Repair” with “Deficient product roll out”. They have taken steadily worse steps with product reliability to speed up “time to market”. So much so they are now well beyond the point that they ship products that are so unreliable, they has to be patched every time it is turned on or reset. Which gives rise to all sorts of security issues not all of which are immediately obvious, nor their eventual toll on society.

Further it has pushed Intel into a position that to keep up with supposadly “market driven forces” they have gone into a significant tail spin… Which unless it is checked will result in an unfortunate crash of their own making.

Which raises the question of “Have Intel gone beyond the tipping point?” and if they have “What will be the result to the industry?”.

Both Intel and Microsoft have put themselves into this “Patch not Repair” behaviour, that inturn has led to “Deficient product roll out” as a norm. Thus both of them shipping ubreliable, “not fit for market” products from their combined monopoly positions.

One of the fundemental reasons they have been able to do this is “Net Neutrality”. Which has alowed them to avoid the real asymetric costs of repair[1]. It is those asymetric costs that drove the whole electronics industry into one of improving quality control, back in the 1960’s. not decimating it for short term “Marketing Driven” whims.

As far as I’m aware nobody has asked the real question about how a “rent seeking business model” will effect the “patch not repair” marketing driven ethos now that net neutrality is gone in the US?

Look at it this way, as a network service provider you see two of the richest businesses in the world “free loading” off of your business. Now you nolonger have to worry about “Net Neutrality” you can put a “toll gate” on your stretch of the “information super highway”. Thus charge not only Intel and Microsoft a high fee for alowing their “patch” packets into your network, you can also as the old telephone service providers did charge your customers for receiving the “patch” packets. All on the excuse of “load leveling” or even “Safety” etc[2].

The net result will be even for the patch conscientious a delay in patching thus opening up the “attack window” for the likes of ransomware etc.

We are moving into “Interesting Times” whether or not we like it, as the “rent seekers” have their way with us…

[1] I’ve mentioned this in the past. Put simply it costs a lot less to ship product out than to get product back for repair by several orders. But there is also a hidden side to transport costs which economists tend to ignore which is “Distance costs”, which has a fundemental size constraint on a market. Thus has a “hidden hand effect” that alows competition in a geographic way that alows new competitors to enter a market. When distance costs approach zero the size of a market tends to the maximum, which makes the market “local” in effect thus a “winner takes all” effect crushes out competition resulting in a monopoly market place.

[2] Such are the joys of an unregulated transportation market, that history has taught us for thousands of years is a bad idea. As it gives rise to high taxation and inefficient service provision. Imagine if you will every major road junction turning into a “toll both” and how that would effect your drive to work[2].

[3] But we don’t have to, the few that have tried it have caused an out cry from motorists that see unfettered access to roads not as a privilege but a necessity. Some will pay up, many will find “rat runs” or other ways around the tolls. Thus the rent seekers will put up the toll cost in terms of fees, time or both, whilst having a significant knock on effect in environmental damage due to the inefficiencies they create.