Secure Memory Encryption is a technology used to protect data stored in a computer’s memory by automatically encrypting it. This means that if someone tries to access the memory without proper authorisation, the data appears as unreadable gibberish. The encryption and decryption happen in real time, so the system works as usual but with added…
Microarchitectural attacks are security exploits that take advantage of the way computer processors work internally, rather than flaws in software or operating systems. These attacks manipulate how hardware components like caches, branch predictors, or execution pipelines behave to extract sensitive information. This can allow attackers to access data they should not be able to see,…
Spectre and Meltdown are security vulnerabilities found in many modern computer processors. They allow attackers to read sensitive data from a computer’s memory that should be protected. Mitigations are techniques and software updates designed to prevent these attacks, often by changing how processors handle certain tasks or by updating operating systems to block malicious behaviour.
Rowhammer attacks are a type of cyberattack that target the physical memory chips in computers, especially DRAM. By rapidly and repeatedly accessing specific rows of memory, attackers can cause tiny electrical disturbances that flip bits in nearby rows. This can lead to unauthorised changes in data, potentially allowing attackers to bypass security measures or gain…
Cold boot attacks are a type of security exploit where an attacker gains access to data stored in a computer’s memory by restarting the machine and quickly extracting the memory chips. This works because data in RAM can remain readable for a short period after power is turned off, especially if the chips are cooled…
Fault tolerance in security refers to a system’s ability to continue operating safely even when some of its parts fail or are attacked. It involves designing computer systems and networks so that if one component is damaged or compromised, the rest of the system can still function and protect sensitive information. By using redundancy, backups,…
Side-channel resistance refers to the ability of a system, especially in cryptography, to withstand attacks that exploit indirect information. Rather than breaking the mathematical security, attackers observe things like power usage, timing, or electromagnetic leaks to uncover secrets. Side-channel resistance is about designing hardware and software so that these clues are minimised or eliminated, making…
Secure element integration refers to adding a dedicated hardware chip or module into a device to store sensitive data and perform secure operations. This chip is designed to keep information like passwords, cryptographic keys, and payment details safe from hacking or unauthorised access. By isolating these functions from the rest of the device, secure elements…
A Trusted Platform Module (TPM) is a small hardware chip built into many modern computers. It is designed to provide secure storage for encryption keys, passwords, and other sensitive data. The TPM helps protect information from theft or tampering, even if someone has physical access to the computer. TPMs can also help verify that a…
A Hardware Security Module (HSM) is a physical device that safely manages and stores digital keys used for encryption, decryption, and authentication. It is designed to protect sensitive data by performing cryptographic operations in a secure environment, making it very difficult for unauthorised users to access or steal cryptographic keys. HSMs are often used by…