ECC.fail - Mounting Rowhammer Attacks on DDR4 Servers with ECC Memory

Explore a groundbreaking cybersecurity research presentation that demonstrates the first successful Rowhammer attack against Intel servers equipped with DDR4 ECC memory. Learn how researchers from Georgia Tech, University of Michigan, Purdue University, and Ruhr University Bochum overcame significant technical challenges to exploit this hardware vulnerability in enterprise server environments. Discover the methodology behind characterizing Hynix's Target Row Refresh (TRR) implementation on server components and understand how effective hammering patterns were developed using both FPGA and Intel-based testing platforms. Examine the reverse engineering process of Intel's ECC implementation on Skylake and Cascade Lake servers, revealing a coding distance of four that enables incorrect ECC correction with minimal bit flips. Follow the development of an end-to-end attack technique that successfully flips memory bits on Intel servers without causing system crashes. Witness a practical demonstration where the attack compromises RSA public keys in memory, forcing servers to accept messages not signed by the original cryptographic key. Gain insights into advanced memory exploitation techniques, server security vulnerabilities, and the limitations of traditional ECC protection mechanisms in enterprise computing environments.