Security News > 2020 > June > Intel patches chip flaw that could leak your cryptographic secrets

Intel patches chip flaw that could leak your cryptographic secrets
2020-06-12 15:33

If, for example, your program is reading through an array of data to perform a complex calculation based on all the values in it, the processor needs to make sure that you don't read past the end of your memory buffer, because that could allow someone else's private data to leak into your computation.

The theory is that if the checks fail, the chip can just discard the internal data that it now knows is tainted by insecurity, so there's a possible performance boost without a security risk given that the security checks will ultimately prevent secret data being disclosed anyway.

Any security shortcuts taken inside the core of the chip may inadvertently leave discernible traces that could allow untrusted software to make later inferences about some of that data.

An attacker who could make inferences about random cryptographic keys inside an enclave of yours could end up with access to secret data that even you aren't supposed to be able to read out!

Simply put, secret data generated inside the chip as part of the random generator circuitry will be aggressively purged after use so it doesn't leave behind those "Ghostly echoes" that might be detected thanks to speculative execution.


News URL

https://nakedsecurity.sophos.com/2020/06/12/intel-patches-chip-flaw-that-could-leak-your-cryptographic-secrets/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Intel 6314 31 755 708 45 1539