A new vulnerability in Intel and AMD processors allows you to steal cryptographic keys

image

The new Hertzbleed third-party attack allows an attacker to remotely steal cryptographic keys by observing changes in CPU frequency using the dynamic voltage and frequency scaling (DVFS) function. This is possible because on modern x86 processors Intel ( CVE-2022-24436) and AMD ( CVE-2022-23823) DVFS depends on power consumption and processed data.

The Hertzbleed vulnerability was discovered by a team of researchers from the University of Texas at Austin, the University of Illinois at Urbana-Champaign and the University of Washington.

“In the worst case scenario, an attacker can extract cryptographic keys from remote servers that were previously considered secure. Hertzbleed is a real threat to the security of cryptographic software. Hertzbleed shows that on modern x86 processors, attacks on third-party channels can be turned into time attacks, which eliminates the need for any power measurement interface”, — the researchers explained.

According to Intel, Hertzbleed affects all processors and can be remotely used in high-complexity attacks that do not require user interaction from an attacker with low privileges. AMD also reported that Hertzbleed affects several of the company’s products (desktop, mobile, Chromebook and server processors using Zen 2 and Zen 3 microarchitectures). Processors from other manufacturers, such as ARM, that use the DVFS feature may also be affected by Hertzbleed, but researchers have not yet confirmed this.

According to the Hertzbleed research group, Intel and AMD do not plan to release fixes for the new vulnerability. “Although this question is interesting from a research point of view, we do not believe that this attack can be carried out outside the experimental environment.”, — said Jerry Bryant , Intel ‘s senior director of Security and Incident response .

However, Intel
and AMD
provided recommendations to protect the software from disclosure of information about DVFS. According to AMD’s recommendations, developers can disguise, hide or change keys to prevent leakage.

According to the researchers, disabling the frequency boost function (“Turbo Boost” for Intel processors and “Turbo Core” or “Precision Boost” for AMD processors) in most cases can mitigate Hertzbleed attacks, but “this will have a very big impact on performance”.

Start a discussion …