Engineers have designed a computer processor that prevents hackers by inconstantly changing its microarchitecture every few milliseconds. Known as Morpheus, the baffling processor has now aced its first major tests, stop hundreds of professional hackers in a DARPA security challenge.
In 2017, DARPA backed the University of Michigan’s Morpheus project with US$3.6 million in funding, and now the novel processor has been put to the test. Over four months in 2020, DARPA ran a bug bounty program called Finding Exploits to Thwart Tampering (FETT), pitting 525 professional security researchers against Morpheus and a range of other processes.
The goal of the program was to test new hardware-based security systems, which could protect data no matter how vulnerable the underlying software was. Morpheus was mocked up to resemble a medical database, complete with software vulnerabilities – and yet, not a single breach made it through its defenses.
There’s basically no such thing as bug-free software, and in many cases these bugs can be exploited by hackers. Software developers will usually patch them up when they find them, but that often doesn’t happen until after an attack, and hackers will just move onto the next vulnerability. The cycle continues in a never-ending arms race between hackers and developers.
More recently, computer scientists are realizing that hardware can play an important role in security. To design a piece of malware, hackers need to understand the microarchitecture of a processor, so they can figure out where to inject their malicious code. Locking down the system at the hardware level could potentially end the arms race once and for all.
That was the design philosophy behind Morpheus. Essentially, the processor starts by encrypting key information, such as the location, format and content of data. But that’s not enough on its own – a dedicated hacker could still crack that code within a few hours.
And that’s where Morpheus gets clever – the system shuffles that encryption randomly every few hundred milliseconds. That way, even if a hacker somehow manages to get a picture of the entire processor, it’ll completely change before they have a chance to act on it.
“Imagine trying to solve a Rubik’s Cube that rearranges itself every time you blink,” says Todd Austin, lead researcher on the Morpheus project. “That’s what hackers are up against with Morpheus. It makes the computer an unsolvable puzzle.”
Importantly, this difficulty doesn’t apply to programmers or users, because the card shuffling happens at a level that legitimate users of the system don’t directly interact with. The main side effect is that apparently Morpheus runs about 10 percent slower than an otherwise equivalent system would, but that’s a pretty good trade-off for a virtually unhackable processor. Plus, the team says that further refinement could speed the system up.
With its tough shell now proven, the Morpheus team says that the next steps for the project are to adapt the technology to use it to try to protect data in the cloud.
We are the change the world has been waiting for!
Have you witnessed an unidentified flying object?
Whether you think UFOs are black projects, extraterrestrial craft, something else altogether, or just don’t know.
Unconditional love. The road we all get to walk. Unconditional love is like the sun.
WE ARE THE DISCLOSURE ~ WE HAVE NEVER BEEN ALONE
Love and Regards,
Thank You,
Nancy Thames
Sources: University of Michigan via The Conversation, IEEE Spectrum