Security News > 2024 > March > Hardware Vulnerability in Apple’s M-Series Chips

Hardware Vulnerability in Apple’s M-Series Chips
2024-03-28 11:05

The threat resides in the chips' data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future.

The breakthrough of the new research is that it exposes a previously overlooked behavior of DMPs in Apple silicon: Sometimes they confuse memory content, such as key material, with the pointer value that is used to load other data.

As long as the GoFetch app and the targeted cryptography app are running on the same performance cluster-­even when on separate cores within that cluster­-GoFetch can mine enough secrets to leak a secret key.

The GoFetch app requires less than an hour to extract a 2048-bit RSA key and a little over two hours to extract a 2048-bit Diffie-Hellman key.

The GoFetch app connects to the targeted app and feeds it inputs that it signs or decrypts.

As its doing this, it extracts the app secret key that it uses to perform these cryptographic operations.


News URL

https://www.schneier.com/blog/archives/2024/03/hardware-vulnerability-in-apples-m-series-chips.html