October 2, 2022

COSFONE

Networking, PBX, IT, DIY Solution

x86 CPUs are in danger: Hackers can remotely steal keys


A new security study shows that under an attack called Hertzbleed, hackers can steal encryption keys directly from remote servers.

Neither Intel nor AMD CPUs are immune.

The affected scope is roughly as follows.

Intel: All.


AMD:


The research came from research institutions such as the University of Texas at Austin and the University of Illinois at Urbana-Champaign, and the relevant papers aroused heated discussions as soon as they were published.

What is going on? Let's take a look.

Attacks on DVFS

In cryptography, power analysis is a well-established side-channel attack method.

For example, by measuring the power that the chip consumes while processing the data, a hacker can extract the encrypted data.

Fortunately, power analysis cannot be implemented remotely, and the means of attack are limited.

But with Hertzbleed, the researchers found that Dynamic Voltage and Frequency Scaling (DVFS) lets a power side-channel attack be turned into a remote attack!

DVFS is an important function that major manufacturers currently use to reduce CPU power consumption.

Specifically, the researchers found in their experiments that, in some cases, the dynamic frequency scaling of x86 processors depends on the data being processed, with a granularity of milliseconds.

That is to say, the CPU frequency changes caused by DVFS are directly linked to the power consumed while processing the data.

Since a difference in CPU frequency translates into a difference in actual execution time, an attacker can observe this change remotely by monitoring the server's response time.

In the paper, the researchers tested Hertzbleed on servers running SIKE, an encryption algorithm.

The results show that, with an unoptimized version of the attack, they fully extracted the keys from Cloudflare's cryptographic library CIRCL and Microsoft's PQCrypto-SIDH within 36 hours and 89 hours, respectively.

Intel & AMD: No patches

The researchers said they disclosed the study to Intel, Cloudflare and Microsoft in the third quarter of 2021. In the first quarter of this year, they also communicated with AMD.

Neither Intel nor AMD plans to issue a patch for this, though.

According to Jerry Bryant, Intel Senior Director of Secure Communications and Incident Response:

While this question is interesting from a research perspective, we do not believe that this attack is feasible outside of a laboratory environment.

Intel rates the vulnerability's severity as medium.

But Intel also mentioned in its announcement that it is publishing guidance to address this potential vulnerability.

Microsoft and Cloudflare, for their part, have both updated their cryptographic libraries.

The researchers estimate that these updates increase the decapsulation performance overhead of CIRCL and PQCrypto-SIDH by 5% and 11%, respectively.

They mention that disabling frequency boost features (Intel's "Turbo Boost", AMD's "Turbo Core", and so on) can alleviate the problems caused by Hertzbleed, but it will hurt system performance.

Interestingly, the researchers also revealed that although Intel did not issue a patch, it had asked them to delay publishing their findings.
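On a Linux server, whether frequency boost is currently switched off can be read from the cpufreq sysfs files. The script below is an added example, not code from the researchers or the vendors; the optional root-directory argument is an assumption of this example so the check can be run against a constructed directory tree, and hosts whose driver exposes neither file are reported as "unknown".

```sh
#!/bin/sh
# Added example: audit whether CPU frequency boost is disabled on a Linux host.
# Reads two standard cpufreq sysfs knobs:
#   intel_pstate/no_turbo  (intel_pstate driver: 1 = Turbo Boost off)
#   cpufreq/boost          (e.g. acpi-cpufreq:   0 = boost off)
# The ROOT argument is an assumption of this example (testing hook);
# leave it empty on a real host.

# boost_state [ROOT] -> prints "disabled", "enabled" or "unknown"
boost_state() {
    root="${1:-/sys/devices/system/cpu}"
    if [ -r "$root/intel_pstate/no_turbo" ]; then
        case "$(cat "$root/intel_pstate/no_turbo")" in
            1) echo disabled ;;
            0) echo enabled ;;
            *) echo unknown ;;
        esac
        return 0
    fi
    if [ -r "$root/cpufreq/boost" ]; then
        case "$(cat "$root/cpufreq/boost")" in
            0) echo disabled ;;
            1) echo enabled ;;
            *) echo unknown ;;
        esac
        return 0
    fi
    # Neither knob present: driver does not expose boost control here.
    echo unknown
}

# audit_boost [ROOT] -> exit 0 if boost is off, 1 if on, 2 if undetermined
audit_boost() {
    state="$(boost_state "${1:-}")"
    echo "frequency boost: $state"
    case "$state" in
        disabled) return 0 ;;
        enabled)  return 1 ;;
        *)        return 2 ;;
    esac
}

# Report for the current host; never aborts the calling script.
audit_boost || echo "boost is not confirmed off on this host" >&2
```

The exit code of `audit_boost` makes the check usable in a configuration-compliance job for hosts that run constant-time-sensitive cryptographic services.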
