Intel latest vulnerability sparks heated discussions

x86 CPU, dangerous! A new security study shows that under an attack called Hertzbleed, hackers can steal encryption keys directly from remote servers . Neither Intel nor AMD CPUs are immune.

The scope of influence is probably like this.

Intel: All products

AMD 

The research came from research institutions such as the University of Texas at Austin and the University of Illinois at Urbana-Champaign, and the relevant papers aroused heated discussions as soon as they were published.

Attacks on DVFS

In cryptography, power analysis is a well-established side-channel attack method . For example, by measuring the power that the chip consumes while processing the data, a hacker can extract the encrypted data.

Fortunately, power analysis cannot be implemented remotely, and the means of attack are limited. But in Hertzbleed, researchers found that using Dynamic Voltage Frequency Scaling (DVFS), a power side-channel attack can be turned into a long-range attack ! DVFS is an important function that major manufacturers currently use to reduce CPU power consumption.

Specifically, the researchers found in their experiments that, in some cases, the dynamic frequency scaling of x86 processors depends on the data being processed, with a granularity of milliseconds. That is to say, the CPU frequency change caused by DVFS can be directly linked to data processing power consumption.

Since the difference in CPU frequency can be translated into a difference in the actual occurrence time, by monitoring the response time of the server, an attacker can observe this change remotely.

In the paper, researchers at the institute tested Hertzbleed on servers running SIKE, an encryption algorithm.

The results showed that in the unoptimized version of the attack, they completely extracted all keys in Cloudflare's encryption library CIRCL and Microsoft's PQCrypto-SIDH within 36 hours and 89 hours, respectively.

Intel & AMD: No more patches

The researchers said they disclosed the study to Intel, Cloudflare and Microsoft in the third quarter of 2021 . In the first quarter of this year, they also communicated with AMD. However, neither Intel nor AMD plan to issue a patch for this .

Jerry Bryant, senior director of secure communications and incident response at Intel, said: "While this is an interesting problem from a research perspective, we don't think this attack is feasible outside of a lab environment. Intel rates the vulnerability as moderately critical.

But Intel also mentioned in the announcement that it is publishing guidance to address this potential vulnerability . On the other hand, Microsoft and Cloudflare have both made updates to the encryption codebase.

The researchers estimate that these updates increase the decapsulation performance overhead of CIRCL and PQCrypto-SIDH by 5% and 11%, respectively.

They mention that disabling the frequency boosting features i.e. Intel's "Turbo Boost", AMD's "Turbo Core", etc., can alleviate the problems caused by Hertzbleed, but it will have a bad impact on system performance.

In addition, it is interesting that the researchers revealed that although Intel did not issue a patch, they had asked them to delay publishing the findings.