Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass

Published: 23/11/2024   Category: security




The available options for addressing the flaw are limited, leaving many Macs vulnerable to a GoFetch attack that steals keys — even quantum-resistant ones.



Apple last week quietly posted a workaround for a vulnerability in its M-series processors that attackers could exploit to steal cryptographic keys. More details have now come to light as a proof-of-concept attack demonstrates the ability to recover secret keys from the OpenSSL Diffie-Hellman and Go RSA implementations, and even from supposedly quantum-resistant schemes such as CRYSTALS-Dilithium and CRYSTALS-Kyber.
Intended for developers of cryptographic libraries, the workaround activates a feature in Apple silicon called data-independent timing (DIT) that protects against the timing attacks the vulnerability enables. A timing attack is a side-channel attack in which a threat actor measures how long a processor takes to carry out different operations and infers the data being processed from those differences. Researchers have previously used the tactic to show how attackers can extract sensitive information from cache memory via other microprocessor flaws such as Spectre and Meltdown.
However, only Apple's M3 chips currently support DIT, so they are the only ones where the risk can be mitigated with this approach.
Meanwhile, there is no official workaround for devices running Apple's M1 and M2 processors; developers of cryptographic applications will need to make other changes at the software level to address the vulnerability there. Apple noted that even with the mitigation in place on the M3, developers still need additional programming practices to prevent other changes to the processor's microarchitectural state from giving an adversary signals about secret values: for example, avoiding conditional branches and memory access locations that depend on the value of the secret data.
Apple itself cannot easily patch the flaw at the hardware level, according to academic researchers from the University of Illinois Urbana-Champaign, the University of Texas at Austin, the Georgia Institute of Technology, the University of Washington, Carnegie Mellon University, and the University of California, Berkeley. In a technical paper, they disclosed details of their discovery and the PoC attack, which they named GoFetch.
The vulnerability lies in a performance optimization called the data memory-dependent prefetcher (DMP) in Apple's M1, M2, and M3 processors. A prefetcher predicts which memory addresses will be accessed in the near future and loads their contents from main memory into the cache ahead of time, which speeds up processing, according to the paper. Apple's DMP takes prefetching a step further by also inspecting the contents of memory it has loaded and prefetching from addresses it finds there, the researchers noted. Therein lies the problem.
Many developers use a technique called constant-time programming, developed specifically for cryptographic code. The idea is to ensure that a processor's execution time, and the sequence of memory addresses it touches, stay the same regardless of whether the inputs are secret keys, plaintext, or any other data, so that an attacker cannot derive anything useful by observing execution times or by tracing the code's control flow and memory accesses.
Put simply, the behavior of Apple's DMP voids the protection that constant-time programming provides. "Unfortunately, [DMP] behavior inherently mixes data and memory addresses at the hardware level, making the entire compute stack non-constant-time, enabling our attack," the researchers explained.
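The two rules Apple's note spells out (no secret-dependent branches, no secret-dependent memory addresses) and the DIT switch it describes are concrete enough to show in code. The following is an added example written for this page; it is not code from the GoFetch paper or from Apple. It contrasts an early-exit comparison and a secret-indexed table read with their constant-time counterparts, times the two comparisons so the leak is visible, and sets the Arm DIT bit. The raw `.inst` encodings used for `msr dit, #1` and `mrs x0, dit` are my assumption that the standard ARMv8.4 FEAT_DIT encodings apply; on non-arm64 builds that function is a no-op returning 0. The test inputs are constructed.

```c
/* Added example (not from the GoFetch paper or Apple's code).
 * Rule 1: no branch whose direction depends on a secret.
 * Rule 2: no memory address that depends on a secret.
 * Assumption: the DIT encodings below are the ARMv8.4 FEAT_DIT ones. */
#define _POSIX_C_SOURCE 199309L
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* Variable-time compare: returns at the first mismatching byte, so the run
 * time tells an observer how many leading bytes of the secret matched. */
int naive_memeq(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i])
            return 0;                      /* secret-dependent early exit */
    return 1;
}

/* Constant-time compare: touches every byte, folds the differences with OR,
 * and turns the accumulator into 0/1 arithmetically instead of branching. */
int ct_memeq(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint32_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint32_t)(a[i] ^ b[i]);
    return (int)((acc - 1u) >> 31);        /* acc == 0 -> 1, otherwise 0 */
}

/* 0xFF when i == j, 0x00 otherwise, computed without a branch. */
static uint8_t ct_eq_mask(size_t i, size_t j)
{
    uint64_t d = (uint64_t)(i ^ j);        /* zero iff equal */
    uint64_t eq = (d - 1) >> 63;           /* 1 iff d == 0 (wraps to all ones) */
    return (uint8_t)(0u - (uint32_t)eq);
}

/* Violates rule 2: the address read is the secret itself. */
uint8_t leaky_lookup(const uint8_t *table, size_t n, size_t secret_idx)
{
    (void)n;
    return table[secret_idx];
}

/* Rule-2 version: read every entry and keep the wanted one with a mask, so
 * the addresses touched are identical for every value of secret_idx. */
uint8_t ct_lookup(const uint8_t *table, size_t n, size_t secret_idx)
{
    uint8_t out = 0;
    for (size_t i = 0; i < n; i++)
        out |= (uint8_t)(table[i] & ct_eq_mask(i, secret_idx));
    return out;
}

/* Set PSTATE.DIT. Raw encodings are used so this assembles without an
 * architecture-extension flag: 0xd503415f = "msr dit, #1",
 * 0xd53b42a0 = "mrs x0, dit" (assumed ARMv8.4 encodings; verify against the
 * Arm ARM). Returns 1 if the bit reads back set, 0 when not built for arm64.
 * Per Apple's note this also switches the DMP off on M3, not on M1/M2. */
int dit_enable(void)
{
#if defined(__aarch64__) || defined(__arm64__)
    register uint64_t dit __asm__("x0");
    __asm__ volatile(".inst 0xd503415f" ::: "memory");
    __asm__ volatile(".inst 0xd53b42a0" : "=r"(dit));
    return (int)((dit >> 24) & 1);         /* PSTATE.DIT is bit 24 */
#else
    return 0;
#endif
}

/* Wall-clock nanoseconds for reps calls of a compare function. */
static uint64_t time_ns(int (*f)(const uint8_t *, const uint8_t *, size_t),
                        const uint8_t *a, const uint8_t *b, size_t n, int reps)
{
    struct timespec t0, t1;
    volatile int sink = 0;
    clock_gettime(CLOCK_MONOTONIC, &t0);
    for (int r = 0; r < reps; r++)
        sink ^= f(a, b, n);
    clock_gettime(CLOCK_MONOTONIC, &t1);
    (void)sink;
    return (uint64_t)(t1.tv_sec - t0.tv_sec) * 1000000000ull
         + (uint64_t)(t1.tv_nsec - t0.tv_nsec);
}

int main(void)
{
    enum { N = 4096, REPS = 20000 };
    static uint8_t secret[N], early[N], late[N];    /* constructed inputs */
    for (size_t i = 0; i < N; i++)
        secret[i] = early[i] = late[i] = (uint8_t)(i * 31u + 7u);
    early[0] ^= 1;                                  /* mismatch at byte 0 */
    late[N - 1] ^= 1;                               /* mismatch at last byte */

    printf("DIT set: %d\n", dit_enable());
    printf("naive_memeq: early-mismatch %llu ns, late-mismatch %llu ns\n",
           (unsigned long long)time_ns(naive_memeq, secret, early, N, REPS),
           (unsigned long long)time_ns(naive_memeq, secret, late, N, REPS));
    printf("ct_memeq:    early-mismatch %llu ns, late-mismatch %llu ns\n",
           (unsigned long long)time_ns(ct_memeq, secret, early, N, REPS),
           (unsigned long long)time_ns(ct_memeq, secret, late, N, REPS));
    return 0;
}
```

Running it shows the naive comparison finishing far sooner when the mismatch is at byte 0 than at the last byte, while the constant-time version takes the same time for both. The caveat the article makes is exactly that this is not enough on M1/M2: `ct_lookup` touches the same addresses for every secret, but the DMP can still act on the values it sees in those cache lines, which is the channel GoFetch uses.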
The GoFetch attack was able to get the prefetcher to grab data from memory that it was never supposed to fetch, in this case small pieces of cryptographic keys, and place it in a cache that a would-be attacker could observe.
The vulnerability definitely affects Apple's M1, M2, and M3 silicon, but the problem could be more widespread.
"We have mounted end-to-end GoFetch attacks on Apple hardware equipped with M1 processors," the researchers said in a separate FAQ and blog post on their exploit. "We also tested DMP activation patterns on other Apple processors, and found that M2 and M3 CPUs also exhibit similar exploitable DMP behavior." The researchers did not test further, but they said they believe it's very likely that other Apple M-series processors are vulnerable as well.
To boot, the vulnerability also affects Intel's Raptor Lake processors. But as with Apple's M3 chips, the Intel chips let developers disable the DMP and enable data-independent timing (Intel calls its equivalent mode Data Operand Independent Timing, DOIT) while doing cryptographic processing. The researchers also found Intel's DMP implementation generally more resilient to attack than Apple's.
It's unclear how easy it might be for an attacker to exploit the vulnerability in Apple M-series chips. In the past, similar microprocessor vulnerabilities, most notably Spectre and Meltdown, have evoked widespread concern, and researchers have consistently uncovered new ways to exploit these vulnerabilities in side-channel attacks. The most recent example is GhostRace, a speculative execution vulnerability that affects almost all currently available Intel, AMD, ARM, and IBM processors.
But so far at least, there are no publicly reported instances of threat actors exploiting these flaws on a mass scale, suggesting these attacks come with a high degree of difficulty. Even so, the potential risks associated with these types of attacks have prompted a broad and ongoing review of microprocessor architectures, especially performance-optimizing features such as prefetchers and speculative or out-of-order execution.
