New GoFetch attack on Apple Silicon CPUs can steal crypto keys

March 22, 2024 at 11:07AM

The “GoFetch” attack targets constant-time cryptographic implementations on modern Apple M-series CPUs, allowing an attacker to steal secret cryptographic keys from the CPU’s cache. The attack, developed by researchers in the U.S., cannot be fixed in affected CPUs. Mitigating it with software patches would reduce cryptographic performance. Apple owners should practice safe computing habits and await further updates from Apple.

A new side-channel attack called “GoFetch” poses a significant threat to Apple’s M1, M2, and M3 processors. The attack targets constant-time cryptographic implementations using data memory-dependent prefetchers found in modern Apple CPUs, allowing attackers to steal secret cryptographic keys from the CPU’s cache.

The attack was developed by a team of researchers from various U.S. universities and was reported to Apple on December 5, 2023. Unfortunately, as it is a hardware-based vulnerability, there is no way to fix it in impacted CPUs. While it is possible to introduce software fixes, this would lead to a performance hit on the affected CPUs’ cryptographic functions. The attack presents a serious risk, especially considering that M2 and M3 processors are likely vulnerable as well.

As an Apple user, there are limited options for mitigating the impact of the GoFetch attack. On some CPUs like the M3, it’s possible to disable the data memory-dependent prefetcher, which removes the behavior that GoFetch relies on. However, this is not feasible for the M1 and M2. For developers, potential defense measures include input blinding and DMP activation masking to obfuscate the results of the attacker’s input on the DMP level.

It’s important for Apple users to practice safe computing habits, including regularly updating their operating system and software, and only installing software from official channels and reputable sources to prevent malware infections. Additionally, users should be cautious as the GoFetch attack can be executed remotely, not requiring physical access for exploitation.

Apple has been contacted for a comment on the GoFetch danger and whether it plans to roll out security updates, but a spokesperson has only provided a developer page outlining a mitigation, indicating that more details may be released at a later time. Users should stay informed about any further updates from Apple regarding this issue.
