19 Dec 2016

Cryptography demands that your CPU and memory subsystems be perfect

In normal operation, your device can, surprisingly, tolerate a lot of small errors. The occasional bitflip in RAM won’t hurt anything and a slightly out-of-spec CPU (e.g. low voltage or noisy power supply) will work well enough. Most applications don’t do enough CPU/RAM work that errors are a big problem.

Cryptography is different; it will stress your CPU and RAM for a long period. It is also completely intolerant of errors. A single-bit transition will completely ruin the result of a crypto operation.

A quick-and-dirty test, for Linux systems at least, is to repeatedly hash a file in RAM. If you’ve got a tmpfs mounted on /tmp, for example, you can:

dd if=/dev/random of=/tmp/junk bs=1M count=<most of RAM - e.g. '12' for a 16MB machine>
md5sum /tmp/junk

Repeatedly run the md5sum. If you ever get different results, you’re seeing memory corruption.

comments powered by Disqus