Intel and AMD chips, as well as processors from other manufacturers, may be susceptible to a new type of attack that could allow threat actors to steal cryptographic keys and other data directly from terminal hardware (opens in a new tab ).

A team of security researchers, including Riccardo Paccagnella of the University of Illinois at Urbana-Champaign, set out to study the idea of ​​extracting cryptographic data from a chip by measuring the power consumed in processing the data. This is a relatively old theory that has proven unfeasible in practice, due to the inability to measure power consumption remotely.

But the researchers managed to put a new spin on the idea, turning the attack into another type of side-channel exploit, and this one is much more viable.

Intel downplays the flaw

It turns out that with dynamic voltage and frequency scaling (DVFS), attackers can track how long it takes for the server to respond to specific requests, allowing them to detect changes in power consumption effectively. It's a relatively simple thing, according to the researchers. They named the vulnerability Hertzbleed, and it has since been tracked as CVE-2022-24436 for Intel devices and CVE-2022-23823 for AMD.

While they were able to successfully replicate the attack on XNUMXth and XNUMXth generation Intel chips, they also say it works on Xeon as well as Ryzen chips.

But Intel has none. In response to the findings, the company's senior director of security communications and incident response, Jerry Bryant, wrote that the idea is not practical outside of the lab.

“While this problem is interesting from a research perspective, we don't think this attack would be practical outside of a lab setting. Also note that crypto implementations that are hardened against power side channel attacks are not vulnerable to this issue."

Chipmakers will not update their chips, Ars Technica found, and will instead approve changes made by Microsoft and Cloudflare to their PQCrypto-SIDH and CIRCL cryptographic code libraries.

Via: Ars Technica (Opens in a new tab)

Share This