Intel and AMD chips are affected by a newly discovered vulnerability that could allow hackers to remotely access and steal encryption keys. The vulnerability, dubbed Hertzbleed, can be exploited via a power side-channel attack which measures the power consumed by a semiconductor.
Hertzbleed was discovered by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, and is described as “a real, and practical, threat to the security of cryptographic software.” In a blog post, the researchers note: “Hertzbleed is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.”
How does the Hertzbleed vulnerability work?
The researchers discovered that cybercriminals could use a power and thermal management feature included in most modern chips, dynamic voltage and frequency scaling (DVFS), to monitor changes in power consumption of a specific chip. By doing this, hackers can extract secret cryptographic information from the chip, as power consumption changes when processing certain values.
This kind of attack, known as a power side-channel exploit, is already widely recognised as potentially problematic by chipmakers, but has previously been thought to be impractical to exploit because monitoring the power consumption of a chip remotely was almost impossible.
However, by analysing data from DVFS, attackers could look at the time it takes for a server to respond to queries and from this deduce changes in power consumption, something that can more easily be done remotely.
Intel vulnerability: what are the chipmakers doing?
The Hertzbleed researchers say they have been able to use the technique to extract an encryption key from a server running the cryptographic algorithm SIKE. They say they have reproduced the attack on Intel CPUs spanning the 8th-11th generations of the company’s Core microarchitecture and claim it would also work on Intel’s Xeon CPUs for servers, as well as AMD’s Ryzen range.
The flaw is “interesting from a research perspective,” noted Jerry Bryant, Intel’s director of security communications and incident response. But, he said: “We do not believe this attack to be practical outside of a lab environment. Also note that cryptographic implementations that are hardened against power side-channel attacks are not vulnerable to this issue.”
Intel recommends cryptographic developers follow guidelines to “harden libraries” against this type of attack.
AMD said in a statement: “As the vulnerability impacts a cryptographic algorithm having power analysis-based side-channel leakages, developers can apply countermeasures on the software code of the algorithm. Either masking, hiding, or key-rotation may be used to mitigate the attack.”
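The masking countermeasure named in AMD's statement can be illustrated with a short model. This is an added example, not code from the researchers, Intel or AMD. It assumes the textbook Hamming-weight model of power draw (the number of 1 bits in a value being processed) and uses constructed 8-bit keys and inputs; all function names are hypothetical. It shows that the modelled power of an unmasked intermediate value follows the key, while the same value split into two random Boolean shares averages out to a constant.

```python
import secrets

BITS = 8
MASK = (1 << BITS) - 1

def hw(x):
    """Hamming weight: the assumed stand-in for data-dependent power draw."""
    return bin(x).count("1")

def share(secret, r=None):
    """Split secret into two Boolean shares; r is a fresh random mask."""
    if r is None:
        r = secrets.randbits(BITS)
    return (secret ^ r) & MASK, r

def unshare(shares):
    """Recombine shares (done only at the very end of a masked computation)."""
    return shares[0] ^ shares[1]

def masked_xor_public(shares, x):
    """XOR a public value into the sharing by touching one share only."""
    return shares[0] ^ x, shares[1]

def masked_and(a, b, r=None):
    """First-order ISW AND gadget: a and b are never recombined."""
    if r is None:
        r = secrets.randbits(BITS)
    c0 = (a[0] & b[0]) ^ r
    c1 = (a[1] & b[1]) ^ ((r ^ (a[0] & b[1])) ^ (a[1] & b[0]))
    return c0, c1

def mean_leak_unmasked(key, x):
    """Modelled power of the plain intermediate key ^ x."""
    return float(hw(key ^ x))

def mean_leak_masked(key, x):
    """Modelled power of the processed share, averaged over every mask."""
    total = 0
    for r in range(1 << BITS):
        s = masked_xor_public(share(key, r), x)
        total += hw(s[0])
    return total / (1 << BITS)

if __name__ == "__main__":
    x = 0x00  # constructed input
    for key in (0x00, 0x0F, 0xFF):  # constructed sample keys
        print(f"key={key:#04x} unmasked={mean_leak_unmasked(key, x)} "
              f"masked={mean_leak_masked(key, x)}")
```

This is first-order masking only: the average of each share is independent of the key, but higher-order statistics over both shares together are not, and Python itself gives no timing or power guarantees, so the block is a model rather than a hardened implementation.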