
Hertzbleed allows you to steal cryptographic keys in Intel and AMD processors

  • June 15, 2022


New vulnerabilities affecting Intel and AMD processors were recently disclosed. The issue has been christened “Hertzbleed”, and its exploitation allows malicious actors to remotely steal AES cryptographic keys just by measuring the energy consumed in processing their values.

The theft of cryptographic keys by measuring energy consumption has been known for a long time, but until now malicious actors have had very limited opportunities to do so successfully. This seems to have changed with “Hertzbleed”, because scientists have figured out how to turn such a measurement into a less demanding one.

Researchers at the universities of Texas at Austin, Washington and Illinois Urbana-Champaign have found that dynamic voltage and frequency scaling (DVFS), a power and thermal management feature built into modern processors, allows attackers to infer changes in power consumption by monitoring the time the CPU takes to answer specific queries. Once you understand how DVFS works, the barriers that have existed so far fall away, because side-channel attacks on energy consumption are much easier to perform remotely when they are based on timing data.

To show that they are not bluffing, the researchers have demonstrated that the exploit technique they developed can be used to extract a cryptographic key from a server running SIKE, a cryptographic algorithm used to establish a secret key between two parties over an unsecured communication channel.

The vulnerability is tracked as CVE-2022-24436 on Intel processors and CVE-2022-23823 on AMD processors. At the moment, its successful use is confirmed on the eighth to eleventh generations of Intel Core and on AMD Ryzen, including Zen 2 and Zen 3. It is possible that more generations of processors are affected, and even ARM models.


Both Intel and AMD have said they will not, at least for now, release a microcode update to fix “Hertzbleed”, so the responsibility lies with companies such as Microsoft and Cloudflare, which have introduced code modifications to the PQCrypto-SIDH and CIRCL cryptographic libraries.

In addition, Intel seems to be playing the issue down, saying: “Although this problem is interesting from a research point of view, we do not think this attack would be practical outside the laboratory environment. Also note that cryptographic implementations that are hardened against side-channel attacks on power consumption are not vulnerable to this problem.” AMD, for its part, declined to comment before the coordinated lifting of the embargo on disclosure.

Another possible reason why Intel and AMD have not taken any action is that a “Hertzbleed” fix would lead to a loss of performance: as a mitigation, the researchers have suggested that users disable Turbo Boost on Intel and Turbo Core or Precision Boost on AMD to prevent data leakage. You can disable these features through the BIOS or at run time using the frequency scaling driver.
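A run-time check and switch for the mitigation described above, as an added example that is not from the original article or the researchers. It assumes a Linux system, where the intel_pstate driver exposes a no_turbo file and drivers such as acpi-cpufreq expose a global boost file in sysfs; the sysfs-root argument and the SYSFS_ROOT variable are hypothetical hooks so the functions can be tried against a constructed directory tree.

```shell
#!/bin/sh
# Added example: inspect and disable CPU frequency boost on Linux via sysfs.
# The optional first argument (sysfs root) is a hypothetical test hook.

# Print "<path> <value-that-means-boost-off>" for the first knob found.
boost_knob() {
    root="${1:-/sys}"
    if [ -e "$root/devices/system/cpu/intel_pstate/no_turbo" ]; then
        # intel_pstate driver: no_turbo=1 turns Turbo Boost off
        echo "$root/devices/system/cpu/intel_pstate/no_turbo 1"
    elif [ -e "$root/devices/system/cpu/cpufreq/boost" ]; then
        # acpi-cpufreq and similar drivers: boost=0 turns boost off
        echo "$root/devices/system/cpu/cpufreq/boost 0"
    else
        return 1
    fi
}

# Print "disabled", "enabled" or "unknown" for the boost feature.
boost_state() {
    knob=$(boost_knob "$1") || { echo "unknown"; return 0; }
    path=${knob% *}; off=${knob##* }
    cur=$(cat "$path" 2>/dev/null) || { echo "unknown"; return 0; }
    case "$cur" in
        "$off") echo "disabled" ;;
        0|1)    echo "enabled" ;;
        *)      echo "unknown" ;;
    esac
}

# Write the "off" value; needs root on a real system. Non-zero on failure.
disable_boost() {
    knob=$(boost_knob "$1") || return 1
    path=${knob% *}; off=${knob##* }
    [ -w "$path" ] || return 1
    echo "$off" > "$path"
}

boost_state "${SYSFS_ROOT:-/sys}"   # read-only report for this host
```

A value written through sysfs is lost at reboot, so a lasting setting has to be made in the BIOS or reapplied at every boot.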

Hardware vulnerabilities have been common since Meltdown and Spectre appeared in late 2017. Meltdown has been resolved, albeit in many contexts at the cost of performance, while Spectre has been declared unsolvable, so mitigations have been implemented not only at the microcode level but also in kernels, drivers and applications. In other words, patches were stacked to make things as complicated as possible for malicious actors.

The worst thing about these vulnerabilities is that, because they affect the hardware, they are independent of the operating system, so formatting and reinstalling the system is completely pointless. We’ll see how “Hertzbleed” is eventually managed, but the fact that it facilitates remote theft of cryptographic keys should be worrying.

Source: Muy Computer
