The CPU is classically considered “the brain” of a computer because, like the human head, it contains all of the circuits responsible for receiving and executing commands. However, like the rest of a machine, CPUs are not infallible. In fact, they can be fairly easy to hack. Recent years have shown egregious examples of hardware vulnerabilities that allow for the sophisticated hijacking of machines. Most famously, researchers uncovered the security flaws “Meltdown” and “Spectre,” both of which were embedded in millions upon millions of chips, and therefore put data on a majority of the world’s computers at risk.
An academic research team at the University of Michigan is currently working on a way to stop these sorts of attacks from taking place, according to IEEE Spectrum. Led by computer scientist Todd Austin, the team is working on creating a new CPU design, dubbed “Morpheus,” that is basically hack-proof. Well, sorta. The new machine would hopefully stop a large percentage of attacks, said Austin in a recent interview with the publication.
In fact, recent testing of the machine showed that its defenses work phenomenally well. During a recent virtual bug bounty program sponsored by DARPA (the Defense Advanced Research Project’s Agency), a veritable army of 580 White Hat hackers spent 13,000 hours attempting to permeate its defenses and all were unsuccessful, IEEE reports. Austin describes his team’s creation this way:
Morpheus is a secure CPU that was designed at the University of Michigan by a group of graduate students and some faculty. It makes the computer into a puzzle that happens to compute. Our idea was that if we could make it really hard to make any exploit work on it, then we wouldn’t have to worry about individual exploits. We just would essentially make it so mind bogglingly terrible to understand that the attackers would be discouraged from attacking this particular target.
So how, exactly, does Morpheus block attackers? The short answer is encryption. Austin says his team is using a cipher, an algorithm that initiates encryption and decryption, called “Simon.” In this case, whatever Simon says, goes: it can “make the underlying implementation of the machine [i.e., the CPU]—the undefined semantics—change every few hundred milliseconds.” In other words, it constantly encrypts parts of the machine’s functions to obscure how it works, thus blocking potential hackers from being able to exploit it. In effect, this reconfigures “key bits” of the chip’s “code and data dozens of times per second, turning any vulnerabilities into dead ends for hackers,” according to the school’s engineering department. Austin put it this way:
The way we do it is actually very simple: We just encrypt stuff. We take pointers—references to locations in memory—and we encrypt them. That puts 128 bits of randomness in our pointers. Now, if you want to figure out pointers, you’ve got to solve that problem...When you encrypt a pointer, you change how pointers are represented; you change what the layout of the address space is from the perspective of the attacker; you change what it means to add a value to a pointer.
So... that makes sense? While this encryption shield doesn’t stop things like SQL injections or more sophisticated attacks, it does prevent what Austin says are “low-level attacks,” or remote-code execution attacks (RCEs)—whereby bad actors can insert malicious programs into a machine via security flaws apparent in its programming. By obscuring how that programming functions, Morpheus is taking away much of the opportunity for such attacks to occur.
While all of this may fly over most people’s heads, the basic point is that in the not-too-distant future, we may have machines that are virtually impervious to your run-of-the-mill hardware exploits. With the cyber-maelstrom that’s been going on in the U.S. and the world lately, I think that’s something we can all get on board with.