CALL US

+91 8219776763

Vulnerability in NAND Flash can cause damage to other people's data on the SSD-drives | Cyberops

Vulnerability in NAND Flash can cause damage to other people’s data on the SSD-drives

By Prempal Singh 0 Comment May 22, 2017

A group of researchers from the University of Carnegie – Mellon University, the Seagate and the Swiss Federal Institute of Technology Zurich has identified a vulnerability in a low-level organization of storage on modern NAND Flash chips used in SSD-drives.

The attacker may generate a certain data with their activity on storage, resulting in compromised the integrity of the data is not controlled by it, which manipulate other processes.

The vulnerability caused by characteristics data storage NAND Flash chips supporting technology MLC (Multi-Level Cell), in which each cell can take one of four threshold voltages (low – 0, two intermediate – 01/10 and high – 11), ie. MLC provides storage in a single cell of two bits, in contrast to the classical scheme of SLC (Single-Level Cell), where the low voltage in the cell corresponds to 0, and the high – 1. Due to the parasitic capacitive coupling between adjacent cells, programming cell content It can influence the level of charge in the neighboring cells and cause errors in them, in the case where a previously uncharged cell is applied a high voltage level.

To circumvent this effect manufacturers use a two-step programming technique of cells, wherein the first set of bits defined by the intermediate voltage, then the cell voltage is brought to high. Researchers have shown that such a measure is not a fully reliable and has a weak link. In particular, it is proved that a partially programmed cell for which the first stage of programming is complete, but not yet executed second, significantly more susceptible to stress change in neighboring cells and occurrence of distortion when reading ( «read disturb»), than fully programmed cells. As a result, two attacks developed aimed at the distortion values in partially programmed cells.

The first attack is realized through execution of data recording operations corresponding to a certain pattern, which will allow a 4.9 fold increase in the likelihood of errors in the programming algorithm MLC cells and as an indirect impact causes damage to the values in the neighboring cells located in the first programming phase. largely resembles the method of attack Rowhammer, aimed at the damage to the contents of the DRAM cells and also developed at Carnegie University – Mellon.

The second attack is aimed at data corruption when reading values partially programmed cells due to the occurrence of errors «read disturb» in the performance of a large number of reading operations in a very short period of time. Since the distorted read data, this type of attack results in damage to both the content already dumped in partially programmed cells and pages are just getting ready to start recording. For manufacturers, researchers have developed several methods to prevent the attacks, which are recommended for implementation.

error: Content is protected by Cyberops !!