
Scary new bug hits ARM

25 September 2017


Brilliant and Terrifying


Columbia University researchers have found a “brilliant and terrifying” hack of ARM chips using something they call CLKSCREW.

The hack targets ARM’s Dynamic Voltage and Frequency Scaling (DVFS), which allows the CPU's clock speed and voltage to vary dynamically depending on whether the CPU is idling or not.
CPU and SoC chipset vendors embed energy management systems in their products to give device manufacturers a way to control energy consumption and improve battery life.

Researchers say that despite becoming a pervasive system, DVFS and other energy management systems have not gone through thorough security audits.

In a research paper, the Columbia team explains how it used CLKSCREW to attack ARM TrustZone, a separate chip included with mobile CPUs on Android devices, which handles secure and cryptographic operations on behalf of the main operating system.

The researchers found that by turning the voltage up and down with one thread, they were able to flip bits in another thread. When they did this while the second thread was verifying the TrustZone key, they were granted permission to do whatever they liked.

For example, if number 'A' is a product of two large prime numbers, you can flip a few bits in 'A' to get a number that is a product of many smaller numbers, and more easily factorable.
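The arithmetic behind that example can be checked on a toy scale. The following is an added illustration, not code from the article or the Columbia paper: the two primes, the trial-division bound and the pinned-digest integrity check are all assumptions chosen for the demonstration. It flips each bit of a small modulus once, records how far cheap trial division gets on each corrupted value, and shows that a digest comparison rejects every corrupted modulus.

```python
import hashlib

# Constructed toy modulus: two known primes (2^31 - 1 and 2^32 - 5) stand in
# for the large primes of a real RSA key.
P, Q = 2**31 - 1, 2**32 - 5
N = P * Q
BOUND = 100_000  # trial-division effort allowed per candidate (assumption)

def factor(n, bound=BOUND):
    """Strip prime factors <= bound; return (small_factors, cofactor)."""
    small, d = [], 2
    while d <= bound and d * d <= n:
        while n % d == 0:
            small.append(d)
            n //= d
        d += 1 if d == 2 else 2
    return small, n

def fully_factored(cofactor, bound=BOUND):
    # A cofactor with no prime factor <= bound and below bound^2 is prime (or 1).
    return cofactor < bound * bound

def survey(n=N):
    """Flip each bit of n once and record how far trial division gets."""
    rows = []
    for bit in range(n.bit_length()):
        corrupted = n ^ (1 << bit)
        small, cofactor = factor(corrupted)
        rows.append((bit, corrupted, small, cofactor, fully_factored(cofactor)))
    return rows

def digest(n):
    return hashlib.sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()

PINNED = digest(N)  # assumption: recorded when the key was provisioned

def modulus_intact(n):
    """Defensive check: refuse a modulus whose digest differs from the pinned one."""
    return digest(n) == PINNED

if __name__ == "__main__":
    print("original:", factor(N), "fully factored:", fully_factored(factor(N)[1]))
    for bit, corrupted, small, cofactor, done in survey():
        print(f"bit {bit:2d}: small={small} cofactor={cofactor} done={done}")
```

The intact modulus yields no small factors within the bound, while the corrupted values usually shed several; which of them factor completely depends on the primes chosen.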

This hack shows the security ramifications of energy management mechanisms, and the ARM community needs to re-examine these security-oblivious designs, they wrote.

Last modified on 25 September 2017