The GoFetch Vulnerability Leaks Secret Keys in Apple M-Series Chips.
- A security flaw has been found in Apple's M-series chips that could let attackers extract secret keys used in cryptographic operations. Known as GoFetch, this vulnerability is a type of microarchitectural side-channel attack. It specifically targets constant-time cryptographic implementations by exploiting the data memory-dependent prefetcher (DMP) feature in the CPU.
- Prefetchers are like super-smart assistants for your computer's memory. They predict which parts of memory your programs will need next and fetch that data ahead of time, storing it in the cache for quick access.
- DMP, a type of prefetcher, goes a step further by learning from past behaviors to make even more accurate predictions. Unfortunately, this predictability can be a weakness. Attackers can take advantage of this behavior to sneakily access sensitive data stored in the CPU cache, which should be kept safe.
- This vulnerability breaks a key rule of programming called the constant-time paradigm, which says that a program's memory access patterns must not depend on its secret data. It's like separating your secret diary from your everyday notes to keep them safe.
- To pull off this attack, the bad actor needs to trick someone into downloading a malicious app. Once the app is on the same machine and CPU cluster as the victim, it can start stealing data using the GoFetch technique.
- Even though the attacker and victim don't share memory, the attacker can spy on certain performance metrics, like cache latency, to steal data. GoFetch shows that even if you follow the constant-time rule perfectly, the prefetcher can still grab secret-dependent data for the attacker.
- This vulnerability is a big deal because it bypasses a key security measure in programming. Fixing it in current Apple CPUs isn't easy, so developers will have to find ways to protect against GoFetch, which might slow down some operations. It's also a reminder for users to keep their devices updated.
- On a positive note, Apple's M3 chips can be protected by enabling data-independent timing (DIT), which disables the prefetcher. Unfortunately, this isn't an option for M1 and M2 processors.
- Apple recommends that developers avoid certain programming practices to block attackers from using microarchitectural tricks. This includes steering clear of conditional branches and memory access locations based on secret data, which can help keep the bad guys out of your CPU's secret inner workings.
- Another group of researchers, this time from Graz University of Technology in Austria and the University of Rennes in France, has uncovered a new type of attack that targets popular browsers and graphics cards. This attack uses specially crafted JavaScript code on a website to steal sensitive information, such as passwords, by exploiting the GPU's cache. What's unique about this attack is that it doesn't need any interaction from the user.
- This attack is the first of its kind to use the GPU's cache as a side-channel from within the browser. This is possible because browsers like Chrome and Firefox allow websites to access the GPU for tasks like graphics processing, using APIs like WebGL and WebGPU.
- The researchers explained, "Even though JavaScript and WebGPU have limitations, we were able to develop new attack techniques that let us steal data as effectively as traditional attacks on CPUs."
- This attack could be used in drive-by attacks, where simply visiting a website could lead to the theft of AES keys or even the unauthorized mining of cryptocurrencies while you're online. It affects all operating systems and browsers that support the WebGPU standard, as well as a wide range of GPU devices.
- To protect against this type of attack, the researchers suggest that websites should ask for permission from users before accessing the host system's graphics card, similar to how they seek permission for using the camera or microphone.
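Apple's guidance above, avoiding conditional branches and memory access locations based on secret data, is illustrated here as an added C example; it is not code from Apple or the researchers, and every function name in it is hypothetical. As the article notes, this is the baseline that GoFetch still gets around on affected chips, so it complements DIT rather than replacing it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Leaky: the branch taken depends on the secret bit. */
uint8_t select_branchy(uint8_t secret_bit, uint8_t a, uint8_t b) {
    if (secret_bit) return a;
    return b;
}

/* Branch-free: build an all-ones or all-zeros mask from the secret bit. */
uint8_t ct_select(uint8_t secret_bit, uint8_t a, uint8_t b) {
    uint8_t mask = (uint8_t)(0u - (secret_bit & 1u)); /* 0xFF or 0x00 */
    return (uint8_t)((a & mask) | (b & (uint8_t)~mask));
}

/* Leaky: the address that is loaded depends on the secret index. */
uint8_t lookup_leaky(const uint8_t *table, size_t n, size_t secret_idx) {
    (void)n;
    return table[secret_idx];
}

/* All-ones if x == y, zero otherwise, computed without a branch. */
static size_t ct_eq_mask(size_t x, size_t y) {
    size_t d = x ^ y;
    size_t nonzero = (d | ((size_t)0 - d)) >> (sizeof(size_t) * 8 - 1);
    return nonzero - 1;
}

/* Reads every entry in the same order whatever the secret index is. */
uint8_t lookup_ct(const uint8_t *table, size_t n, size_t secret_idx) {
    uint8_t out = 0;
    for (size_t i = 0; i < n; i++)
        out |= (uint8_t)(table[i] & (uint8_t)ct_eq_mask(i, secret_idx));
    return out; /* 0 if secret_idx is out of range */
}

int main(void) {
    const uint8_t table[4] = {0x11, 0x22, 0x33, 0x44}; /* constructed sample */
    printf("%02x %02x\n", ct_select(1, 0xAA, 0x55), lookup_ct(table, 4, 2));
    return 0;
}
```

Optimizing compilers can turn mask arithmetic back into branches, so check the generated assembly for the build you ship.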