Chips from Intel and AMD, as well as processors from other manufacturers, could be susceptible to a new type of attack that could allow threat actors to steal cryptographic keys and other data directly from the endpoint hardware.
A team of security researchers, including Riccardo Paccagnella at the University of Illinois Urbana-Champaign, began investigating the idea of extracting cryptographic data from a chip by measuring the power consumed during data processing. It is a relatively old theory that has proven unfeasible in practice, due to the inability to measure energy consumption remotely.
But the researchers managed to put a new twist on the idea, turning the attack into a different kind of side-channel exploit, and this one is much more viable.
Intel downplays the flaw
It turns out that through dynamic voltage and frequency scaling (DVFS), attackers can track the time it takes the server to respond to specific queries, allowing them to detect changes in power consumption. It’s a relatively simple thing, the researchers said. They dubbed the vulnerability Hertzbleed, and it has since been tracked as CVE-2022-24436 for Intel devices and CVE-2022-23823 for AMD.
While they were able to successfully replicate the attack on 8th to 11th Gen Intel chips, they also say that it works on Xeon as well as Ryzen chips.
But Intel is having none of it. Responding to the findings, the company’s senior director of security communications and incident response, Jerry Bryant, wrote that the idea is not practical outside the lab.
“While this issue is interesting from a research perspective, we do not believe this attack is practical outside of a lab environment. Also note that cryptographic implementations secured against power side channel attacks are not vulnerable to this issue.”
Chip manufacturers will not update their chips, Ars Technica found, and will instead endorse the changes that Microsoft and Cloudflare have made to their PQCrypto-SIDH and CIRCL cryptographic code libraries.
Via: Ars Technica