Microprocessors from Intel, AMD and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said Tuesday.
Hardware manufacturers have long known that attackers can extract secret cryptographic data from a chip by measuring the power it draws while processing those values. Fortunately, the practicality of power analysis attacks against microprocessors has been limited, because a threat actor has few viable ways to remotely measure power consumption while the hardware is processing secrets. Now a team of researchers has figured out how to turn power analysis attacks into a different class of side channel that is far less demanding to exploit.
The team found that Dynamic Voltage and Frequency Scaling (DVFS), a power and thermal management feature built into every modern processor, allows attackers to infer changes in power consumption by monitoring how long it takes a server to respond to specific, carefully crafted requests. The discovery drastically reduces what an attacker needs: with an understanding of how DVFS works, power side channel attacks become much simpler timing attacks that can be performed remotely.
The researchers dubbed their attack Hertzbleed because it uses knowledge of DVFS to expose, or bleed, data meant to remain private. The vulnerability is tracked as CVE-2022-24436 for Intel chips and CVE-2022-23823 for AMD processors. The researchers showed how the exploit technique they developed can be used to extract an encryption key from a server running SIKE, a cryptographic algorithm used to establish a secret key between two parties over an otherwise insecure communication channel.
The researchers said they successfully reproduced their attack on 8th- through 11th-generation Intel Core processors. They also said the technique should work on Intel Xeon processors, and verified that AMD Ryzen processors are vulnerable by carrying out the same SIKE attack used against the Intel chips. The researchers believe that chips from other manufacturers could also be affected.
In a blog post explaining the discovery, members of the research team wrote:
Hertzbleed is a new family of side channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.
Hertzbleed leverages our experiences showing that, in some circumstances, the dynamic frequency scaling of modern x86 processors is dependent on the data being processed. This means that, on modern CPUs, the same program can run at a different CPU frequency (and therefore take a different wall time) when computing, for example, 2022 + 23823 compared to 2022 + 24436.
Hertzbleed is a real and practical threat to the security of cryptographic software.
We have demonstrated how a smart attacker can use a new chosen-ciphertext attack against SIKE to perform a full key extraction via remote synchronization, despite the “constant-time” SIKE implementation.
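The data-dependent frequency the researchers describe, as an added illustration that is not the researchers' or the article's code: a toy DVFS model in which a routine always executes the same number of cycles, but the modelled clock drops slightly with the Hamming weight of the data being switched, so the wall time of the two additions quoted above differs even though the cycle count is identical. The frequency model and its parameters are constructed assumptions, not measurements of any real CPU.

```python
# Toy model of the Hertzbleed channel: "constant-time" in cycles is not
# constant-time in wall-clock seconds once frequency depends on the data.
# The DVFS model below is a constructed assumption for illustration only.

def hamming_weight(x: int) -> int:
    """Number of set bits in the low 16 bits of x (a simple power proxy)."""
    return bin(x & 0xFFFF).count("1")

def constant_cycle_add(a: int, b: int) -> tuple[int, int]:
    """Return (result, cycles). The cycle count never depends on the operands,
    which is all that classic constant-time coding guarantees."""
    return ((a + b) & 0xFFFF, 1000)

def dvfs_frequency_ghz(operands, base_ghz: float = 4.0,
                       penalty_ghz_per_bit: float = 0.01) -> float:
    """Modelled steady-state clock: more switched bits -> more power -> more heat
    -> the DVFS controller settles on a slightly lower frequency (assumed linear)."""
    load = sum(hamming_weight(v) for v in operands)
    return base_ghz - penalty_ghz_per_bit * load

def wall_time_ns(a: int, b: int) -> float:
    """Wall-clock time an observer would measure: cycles / frequency."""
    result, cycles = constant_cycle_add(a, b)
    freq = dvfs_frequency_ghz((a, b, result))
    return cycles / freq  # GHz == cycles per ns, so the quotient is in ns

def timing_distinguishes(pair_x: tuple[int, int], pair_y: tuple[int, int]) -> bool:
    """True if the two computations are separable by wall time alone,
    even though they cost the same number of cycles."""
    same_cycles = constant_cycle_add(*pair_x)[1] == constant_cycle_add(*pair_y)[1]
    return same_cycles and wall_time_ns(*pair_x) != wall_time_ns(*pair_y)

if __name__ == "__main__":
    for pair in ((2022, 23823), (2022, 24436)):
        print(pair, "cycles:", constant_cycle_add(*pair)[1],
              "wall ns: %.3f" % wall_time_ns(*pair))
    print("distinguishable:", timing_distinguishes((2022, 23823), (2022, 24436)))
```

The point for defenders is the one Intel's statement alludes to: only implementations hardened against power side channels (so that the switched data, not just the cycle count, is independent of the secret) close this channel.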
Intel’s senior director of security communications and incident response, Jerry Bryant, meanwhile disputed the practicality of the technique. In a post, he wrote: “Although this problem is interesting from a research perspective, we do not believe that this attack is practical outside of a lab environment. Also note that cryptographic implementations that are hardened against power side-channel attacks are not vulnerable to this problem.” Intel has also released guidance for hardware and software manufacturers.
Neither Intel nor AMD is releasing microcode updates to change chip behavior. Instead, they have endorsed changes made by Microsoft and Cloudflare to their PQCrypto-SIDH and CIRCL cryptographic libraries, respectively. The researchers estimated that the mitigation adds a decapsulation performance overhead of 5% for CIRCL and 11% for PQCrypto-SIDH. The mitigation was proposed by another team of researchers who independently discovered the same weakness.
AMD declined to comment until a coordinated disclosure embargo was lifted.