Recently, a new vulnerability affecting Intel and AMD processors. This vulnerability has been baptized as “Hertzbleed” and its exploitation allows malicious actors remotely steal AES cryptographic keys just by measuring the energy consumed when processing its values.
Remotely stealing cryptographic keys after measuring power consumption has been known for a long time, but until now malicious actors had very limited avenues to do so successfully. However, that seems to have changed with “Hertzbleed”, as researchers have figured out how to turn such measurement into an attack that is less demanding to carry out successfully.
Delving into the details, researchers at the Universities of Texas at Austin, Washington, and Illinois Urbana-Champaign have discovered that Dynamic Voltage and Frequency Scaling (DVFS), a temperature and power management feature built into modern processors, allows attackers to infer changes in power consumption by motorizing the time the CPU spends responding to specific queries. Once it is understood how DVFS works, the barriers that have been present until now are reduced because side-channel attacks on energy consumption become much easier to carry out remotely based on time data.
In order to show that they are not bluffing, the researchers have shown that the exploit technique they have developed can be used to extract a cryptographic key from a server running SIKE, a cryptographic algorithm used to establish a secret key between two parties. through an insecure communications channel.
The vulnerability is tracked as CVE-2022-24436 on Intel processors and CVE-2022-23823 on AMD processors. At the moment its successful exploitation has been confirmed in the eighth to eleventh generations of Intel Core and AMD Ryzen, including Zen 2 and Zen 3. It is not ruled out that there are more generations of affected processors and even ARM models they are too.
Both Intel and AMD have said that, at least for now, they will not release a microcode update. to correct “Hertzbleed”, so the responsibility is falling on companies like Microsoft and Cloudflare, which are introducing modifications to the codes of the PQCrypto-SIDH and CIRCL cryptographic libraries respectively.
Moreover, from Intel it seems that they take iron away from the matter by saying that, “While this problem is interesting from a research perspective, we don’t think this attack would be practical outside of a lab setting. Also note that cryptographic implementations that are hardened against side channel attacks on power consumption are not vulnerable to this issue.. AMD, for its part, has declined to comment ahead of the coordinated lifting of the disclosure embargo.
Another possible reason why Intel and AMD have not taken action is the fact that fixing “Hertzbleed” would lead to performance loss, as researchers have proposed mitigation to users. disable Turbo Boost on Intel and Turbo Core or Precision Boot on AMD to prevent data leakage. Disabling these features can be done through the BIOS or at runtime through the frequency scaling driver.
Hardware-level vulnerabilities are common since Meltdown and Specter made their appearance in late 2017. Meltdown was resolved, albeit at the cost of performance loss in many contexts, while Specter was declared unsolvable, so mitigations were implemented not only at the microcode level, but also kernels, drivers and applications. In other words, patches were stacked to make it as difficult as possible for malicious actors.
The worst thing about these vulnerabilities is that, since they affect hardware, they are independent of the operating system and carrying out formatting and reinstallation processes is totally useless. We’ll see how “Heartzbleed” ends up being managed, but the fact that it makes it easier to steal crypto keys remotely should be of concern.
