Researchers have discovered a vulnerability in Intel and AMD central processing units (CPU) that could be used by malicious actors to access cryptographic keys.
According to researchers at the University of Texas Austin, the University of Illinois at Urbana-Champaign, and the University of Washington, a vulnerability called “Hertzbleed” in CPUs could allow “side-channel attacks” that can steal cryptographic keys.
CPUs from chip giants Intel and AMD are affected. These include Intel desktop and notebook models from the 8th to 11th generation Core microarchitecture, and desktop and notebook models with AMD Ryzen chips from the Zen 2 and Zen 3 microarchitectures.
The vulnerability was reported by computer hardware store Tom’s Hardware. Both Intel and AMD have issued advisories on the matter.
Hertzbleed is a new type of side channel attack called frequency side channels (hence the name Hertz and the data bleeding). According to the investigative work on the attack:
“In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.”
A Hertzbleed attack looks at the energy signature of any cryptographic workload and uses it to steal the data. This power signature varies due to the CPU’s dynamic boost clock rate adjustments during workload, Tom’s Hardware reported.
Dynamic Voltage and Frequency Scaling (DVFS) is a feature of modern processors that is used to reduce power consumption, so the vulnerability is not a bug.
Attackers can infer changes in power consumption by monitoring the time it takes for a server to respond to specific queries.
“Hertzbleed is a real and practical threat to the security of cryptographic software,” the researchers noted.
In 2020, Be[In]crypto reported the discovery of a flaw in Intel’s SGX (Software Guard Extension) that could also lead to side-channel attacks and compromised cryptographic keys.
There is a solution?
Intel and AMD have no current plans to implement any firmware patches to mitigate Hertzbleed, which can also be exploited remotely; however, there are alternative solutions.
According to chip companies, the solution to mitigate Hertzbleed is to disable frequency boost. For Intel CPUs, the feature is called “Turbo Boost”, and for AMD chips it is known as “Turbo Core” or “Precision Boost”. However, this is likely to affect processor performance, they noted.
According to Intel Senior Director of Security Communications and Incident Response Jerry Bryant, this attack is not practical outside of a lab environment, in part because it takes “hours or days” to steal a cryptographic key. He added that “cryptographic implementations that are hardened against power side channel attacks are not vulnerable to this problem.”
All information contained on our website is published in good faith and for general information purposes only. Any action that the reader takes on the information found on our website is strictly at their own risk.