Hertzbleed Side-Channel Attack Threatens Cryptographic Keys for Servers

Published: 23/11/2024   Category: security




A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.



A side-channel timing attack dubbed Hertzbleed by researchers could allow remote attackers to sniff out cryptographic keys for servers. It affects most Intel processors, as well as some chipsets from AMD and likely others.
The issue is a timing side-channel flaw (tracked as CVE-2022-24436 for Intel and CVE-2022-23823 for AMD) found in the CPU-throttling technology known as dynamic voltage and frequency scaling (DVFS). DVFS regulates power consumption and electrical current use so that a CPU doesn't overheat when processing large amounts of data, and it conserves battery power during low-activity times.
As Intel explains in guidance published this week, observing these regulation changes can allow attackers to infer sensitive information.
"CPU frequency throttling is triggered when one of these limits is reached, which results in CPU frequency," according to Intel. "This frequency change and derived behavior may be correlated with information being processed by the CPU, and it may be possible to infer parts of the information through sophisticated analysis of the frequency change behavior."
In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure, according to a technical research paper (PDF) by the team who discovered the attack, from the University of Texas at Austin, the University of Illinois Urbana-Champaign, and the University of Washington.
Hertzbleed – its name a take on the infamous Heartbleed timing attack from 2014 – is significant because it allows remote attacks without the need to subvert a power-measurement interface, the researchers note, thus widening the attack surface.
"Software-based power-analysis attacks can be mitigated and easily detected by blocking (or restricting [10]) access to power-measurement interfaces," according to the paper. "Up until today, such a mitigation strategy would effectively reduce the attack surface to physical power analysis, a significantly smaller threat."
While the researchers acknowledge that any real-world attacks would require a high level of complexity, they demonstrated successful proofs of concept for extracting keys as remote attackers authenticated with low privileges and with no user interaction required. This makes Hertzbleed "a real, and practical, threat to the security of cryptographic software," they say.
Intel begs to differ.
"While this issue is interesting from a research perspective, we do not believe this attack to be practical outside of a lab environment," said Jerry Bryant, Intel's senior director of security communications and incident response, in a recent posting. "Also note that cryptographic implementations that are hardened against power side-channel attacks are not vulnerable to this issue."
However, he also explained that the issue may extend past Intel and AMD.
"CVE-2022-24436 is not architecture-specific and any modern CPU that has dynamic power and thermal management is potentially affected," he said. "Intel shared its findings with other silicon vendors so they could assess their potential impact."
Neither Intel nor AMD is issuing microcode to address the issue; instead, they recommend that developers achieve mitigation through masking and blinding techniques that would hide the timing changes from observation.
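
To make the blinding recommendation concrete, the sketch below applies base blinding to an RSA private-key operation so that the value the CPU processes no longer tracks the attacker-chosen input. It is an added example, not code from the researchers, Intel or AMD; RSA, the toy key and all function names are assumptions chosen for illustration.

```python
# Added example: RSA base blinding. Toy key built from two Mersenne primes,
# constructed for this demonstration only (real keys are 2048 bits or more).
import secrets
from math import gcd

P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def decrypt_unblinded(c):
    """The private exponentiation runs directly on the attacker-chosen value c,
    so the data the CPU processes is a fixed function of c and the key."""
    return pow(c, D, N)


def blind(c):
    """Multiply c by r^E for a fresh random r, so the operand fed to the
    private-key operation is unpredictable to whoever chose c."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:           # r must be invertible mod N
            return (c * pow(r, E, N)) % N, r


def unblind(m_blinded, r):
    """(c * r^E)^D = m * r (mod N); dividing by r recovers m."""
    return (m_blinded * pow(r, -1, N)) % N


def decrypt_blinded(c):
    operand, r = blind(c)
    return unblind(pow(operand, D, N), r)


if __name__ == "__main__":
    message = 123456789              # constructed sample plaintext
    c = pow(message, E, N)
    print("unblinded:", decrypt_unblinded(c))
    print("blinded:  ", decrypt_blinded(c))
    # Same ciphertext, different operand on every call:
    print("operands: ", [blind(c)[0] for _ in range(3)])
```

Base blinding randomizes only the operand; the private exponent is unchanged, so it is one layer of hardening rather than a complete countermeasure.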
