An “irreparable” flaw in Apple’s MacBooks allows cryptocurrency theft

A report from security firm Ars Technica has revealed a vulnerability in Apple’s M-series chips, which are used in many MacBook devices. The flaw is considered “irreparable” or unfixable and would allow potential attackers to access cryptographic data on affected devices.

A team of 8 researchers from several universities in the United States determined that the Apple chip flaw allows malicious attackers to execute side-channel exploits when the chips run commonly used cryptographic protocols. This opens the possibility for attackers to obtain end-to-end encryption keys. The vulnerability can be exploited when a potential victim’s cryptographic operation and a malicious application, which uses normal user system privileges, run on the same CPU cluster (or as a group of coordinated computers) without the victim’s knowledge.

Because the vulnerability lies in the microarchitecture of the chips (i.e., at the silicon level), researchers believe that security patches cannot be designed to solve the problem.

According to the researchers, the flaw can only be mitigated through the use of third-party software, which can significantly impact MacBook performance when using cryptographic programs. The report’s findings show that the most vulnerable chips are the older-generation M1 and M2 components.

In particular, potential hackers can intercept and exploit computer memory access patterns to extract sensitive information, such as encryption keys used by cryptographic applications. In other words, this exploits the vulnerability. The breakthrough of the new research is that it uncovers behavior of DMPs (data memory-dependent prefetchers) in Apple silicon that was previously overlooked: they sometimes read the contents of memory. This is the first time researchers have found flaws in Apple’s DMP.

As a result, the DMP reads the data frequently and tries to treat it as an address to access the memory. This “dereferencing” of “pointers” – that is, reading the data and leaking it through a side channel – is a clear violation of the constant-time paradigm.

Ars Technica, security firm

The researchers go on to explain:

Prefetchers typically look at the address of the data being accessed (ignoring the values of the data being accessed) and try to predict future addresses that may be useful. The DMP is different in this sense, because in addition to addresses, it also uses data values to make predictions (predicting addresses and prefetching them in advance). In particular, if a data value looks like a pointer, it will be treated as an “address” (where in fact it is not!) and the data at this “address” will be moved into the cache. The arrival of this address in the cache is visible and leaks through cache side channels.

Ars Technica, security firm

The team of researchers also explains: “Our attack takes advantage of this fact. We cannot leak encryption keys directly, but what we can do is manipulate intermediate data within the encryption algorithm to make it look like a pointer via a chosen input attack.” As the researchers explain, the DMP sees that the data value “resembles an address” and brings data from this “address” into the cache, which leaks the “address.” “The fact that the intermediate data looks like an address is visible through the cache channel and is enough to reveal the secret key over time,” they say.

The type of attack that could be executed through this vulnerability has been named GoFetch. The hack works without any difficulty in the user’s environment and requires only standard user privileges, the same as those required by ordinary applications.

The GoFetch application requires less than an hour to extract a 2048-bit RSA key and a little more than two hours to extract a 2048-bit Diffie-Hellman key. The attack took 54 minutes to extract the material needed to assemble the Kyber-512 key and approximately 10 hours for the Dilithium-2 key, not counting the offline time required to process the raw data.

Ars Technica, security firm

The researchers offered some advice on how to protect against these types of attacks. A good example among these techniques is ciphertext blinding. They explain, “Blinding performs the task of adding/removing masks to sensitive values before/after they are stored/loaded from memory.” This randomizes the encryption algorithm, preventing a GoFetch attack from being effective. However, this defense is algorithm-specific and expensive.
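The masking step quoted above, shown for RSA decryption as an added example (not code from the researchers or from the original article). The toy key, the function names and the `trace` parameter are assumptions made for illustration; the point is that for one fixed, attacker-chosen ciphertext, the value the private-key code operates on differs on every run.

```python
import secrets
from math import gcd

# Constructed toy key: two Mersenne primes keep the numbers readable.
# Real RSA keys use random primes and a 2048-bit or larger modulus.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def decrypt_unblinded(c, trace=None):
    """Textbook decryption: every intermediate depends only on c and D."""
    if trace is not None:
        trace.append(c % N)  # operand the private-key step starts from
    return pow(c, D, N)


def decrypt_blinded(c, trace=None):
    """Ciphertext blinding: mask c before the private-key operation,
    then strip the mask from the result."""
    while True:
        r = secrets.randbelow(N - 2) + 2   # fresh mask in [2, N-1]
        if gcd(r, N) == 1:                 # mask must be invertible mod N
            break
    c_blind = (c * pow(r, E, N)) % N       # add mask: c * r^E mod N
    if trace is not None:
        trace.append(c_blind)
    m_blind = pow(c_blind, D, N)           # equals m * r mod N
    return (m_blind * pow(r, -1, N)) % N   # remove mask: multiply by r^-1


def operand_traces(decrypt, c, runs=4):
    """Collect the operand fed to the private-key step over several runs
    with the same ciphertext (hypothetical helper for this example)."""
    trace = []
    for _ in range(runs):
        decrypt(c, trace)
    return trace
```

Python’s `pow` is not constant-time, so this block shows only the masking arithmetic, not a hardened implementation.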

Another way to protect affected devices is to run cryptographic processes on the efficiency cores, also known as Icestorm cores, which do not have a DMP. However, this defense is not ideal, as running cryptographic processes there is likely to increase the time required to complete operations. The researchers have noted several other defenses, but they are equally problematic.

“In the long term, we believe that extending the hardware and software contract with DMP in mind would be the right solution,” the researchers wrote. “At a minimum, the hardware should expose to software a way to selectively disable the DMP when running security-critical applications,” they advise.

As reported by CriptoNoticias, a vulnerability was discovered in an Apple device in April last year, which also gave access to important data, such as the way to store cryptocurrencies. This suggests that Apple may be working on a solution to the problem.
