Version 1.3

Lecture: Rowhammer exploit

Viability of the Rowhammer Attack when ECC memory is used


In this talk I will describe how a Rowhammer attack works both on a physical and software level. The focus of the talk will be to show
what steps need to be taken in order to make the Rowhammer attack viable against a target using ECC memory.

In the first part of the presentation I will be showing how DRAM works and what the key attributes are that make a Rowhammer attack possible. I will also give an introduction as to what ECC memory is and how it works and where it is used.

In the second part of the presentation I will be presenting on how a generic rowhammer attack can be executed.

In the third part of the part which will be the main focus of this presentation I will discuss what problems we encounter when ECC memory is used on the target machine.
This will include:
* How to reverse engineer the ECC function
-> The cold boot attack used to speed up this process
* How to detect bit flips that are corrected
* How to trigger bit flips in a specific location.

In the last part of the presentation I will give an overview of the mitigations that exist and which ones are still deemed viable


Day: 2019-06-16
Start time: 13:00
Duration: 01:00
Room: Movie Room
Track: Hardware
Language: de


Concurrent Events