View all newsletters
Receive our newsletter – data, insights and analysis delivered to you

Hertzbleed vulnerability leaves Intel and AMD chips open to attack

By measuring a chip's power output, hackers could steal encrypted information, new research suggests.

By Matthew Gooding

Intel and AMD chips are affected by a newly discovered vulnerability that could allow hackers to remotely access and steal encryption keys. The vulnerability, dubbed Hertzbleed, can be exploited via a power side-channel attack which measures the power consumed by a semiconductor.

Intel Xeon chips could be impacted by the Hertzbleed vulnerability. (Photo by AdrianHancu/iStock)

Hertzbleed was discovered by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, and is described as “a real, and practical, threat to the security of cryptographic software.” In a blog post, the researchers note: “Hertzbleed is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.”

How does the Hertzbleed vulnerability work?

The researchers discovered that cybercriminals could use a power and thermal management feature included in most modern chips, dynamic voltage and frequency scaling (DVFS), to monitor changes in power consumption of a specific chip. By doing this, hackers can extract secret cryptographic information from the chip, as power consumption changes when processing certain values.

This kind of attack, known as a power side-channel exploit, is already widely recognised as potentially problematic by chipmakers, but has previously been thought to be impractical to exploit because monitoring the power consumption of a chip remotely was almost impossible.

However, by analysing data from DVFS, attackers could look at the time it takes for a server to respond to queries, and from this deduce changes in power consumption. This can more easily be done remotely.

Intel vulnerability: what are the chipmakers doing?

The Hertzbleed researchers say they have been able to extract an encryption key using the technique from a server running the cryptographic algorithm SIKE. They say they have reproduced the attack on Intel CPUs spanning the 8th-11th generations of the company’s Core microarchitecture and claim it would also work on Intel’s Xeon CPUs for servers, as well as AMD’s Ryzen range.

Intel and AMD have both released advisories about the flaw, with Intel noting all its processors could be impacted. But neither company has any current plans to patch the vulnerability.

Content from our partners
Webinar - Top 3 Ways to Build Security into DevOps
Tech sector is making progress on diversity, but advances must accelerate
How to bolster finance functions and leverage tech to future-proof operational capabilities

The flaw is “interesting from a research perspective,” noted Jerry Bryant, Intel’s director of security communications and incident response. But, he said: “We do not believe this attack to be practical outside of a lab environment. Also note that cryptographic implementations that are hardened against power side-channel attacks are not vulnerable to this issue.”

It recommends cryptographic developers follow guidelines to “harden libraries” against this type of attack.

AMD said in a statement: “As the vulnerability impacts a cryptographic algorithm having power analysis-based side-channel leakages, developers can apply countermeasures on the software code of the algorithm. Either masking, hiding, or key-rotation may be used to mitigate the attack.”

Read more: Intel announces $80bn investment in Europe

Topics in this article: ,
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU