Hertzbleed is a hardware security attack which describes exploiting dynamic frequency scaling to reveal secret data. The attack is a kind of timing attack, bearing similarity to previous power analysis vulnerabilities. Hertzbleed is more dangerous than power analysis, as it can be exploited by a remote attacker. Disclosure of cryptographic keys is the main concern regarding the exploit but other uses of the attack have been demonstrated since its initial discovery.[1][2][3][4][5][6]
CVE identifier(s) | CVE-2022-24436 (Intel), CVE-2022-24436 (AMD), CVE-2022-35888 (Ampere) |
---|---|
Date discovered | Publicly disclosed June 14, 2022 |
Date patched | No patch planned |
Affected hardware | Processors using DVFS |
Website | hertzbleed |
The exploit has been verified to work against Intel and AMD processors, with Intel's security advisory stating that all Intel processors are affected.[7] Other processors using frequency scaling exist, but the attack has not been tested on them.
Neither Intel nor AMD are planning to release microcode patches, instead advising to harden cryptography libraries against the vulnerability.
Mechanism
editNormal timing attacks are mitigated by using constant-time programming, which ensures that each instruction takes equally long, regardless of the input data. Hertzbleed combines a timing attack with a power analysis attack. A power analysis attack measures the power consumption of the CPU to deduce the data being processed. This, however, requires an attacker to be able to measure the power consumption.
Hertzbleed exploits execution time differences caused by dynamic frequency scaling, a CPU feature which changes the processor's frequency to maintain power consumption and temperature constraints. As the processor's frequency depends on the power consumption, which in turn depends on the data, a remote attacker can deduce the data being processed from execution time. Hertzbleed thus effectively bypasses constant-time programming, which does not take into account changes in processor frequency.[3]
See also
edit- Side-channel attack – Any attack based on information gained from the implementation of a computer system
- Transient execution CPU vulnerability – Computer vulnerability using speculative execution
References
edit- ^ "Hertzbleed Attack". Hertzbleed Attack. Retrieved 14 June 2022.
- ^ Wang, Yingchen; Paccagnella, Riccardo; He, Elizabeth Tang; Shacham, Hovav; Fletcher, Christopher; Kohlbrenner, David (2022). "Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86". Proceedings of the 31st USENIX Security Symposium. USENIX Security 22. 43 (4). Boston, MA, USA: USENIX: 679–697. doi:10.1109/MM.2023.3274619. S2CID 251793871.
- ^ a b Goodin, Dan (14 June 2022). "A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys". Ars Technica. Retrieved 14 June 2022.
- ^ Gatlan, Sergiu. "New Hertzbleed side-channel attack affects Intel, AMD CPUs". Bleeping Computer. Retrieved 14 June 2022.
- ^ Liu, Chen; Chakraborty, Abhishek; Chawla, Nikhil; Roggel, Neer (7 November 2022). "Frequency Throttling Side-Channel Attack". Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. CCS '22. New York, NY, USA: Association for Computing Machinery. pp. 1977–1991. arXiv:2206.07012. doi:10.1145/3548606.3560682. ISBN 978-1-4503-9450-5.
- ^ Wang, Yingchen; Paccagnella, Riccardo; Wandke, Alan; Gang, Zhao; Garrett-Grossman, Grant; Fletcher, Christopher W.; Kohlbrenner, David; Shacham, Hovav (2023). "DVFS Frequently Leaks Secrets: Hertzbleed Attacks Beyond SIKE, Cryptography, and CPU-Only Data". 2023 IEEE Symposium on Security and Privacy (SP). pp. 2306–2320. doi:10.1109/SP46215.2023.10179326. ISBN 978-1-6654-9336-9. S2CID 259257477.
- ^ "INTEL-SA-00698". Intel. Retrieved 14 December 2023.