Hackers can steal crypto keys on Intel, AMD CPUs via ‘Hertzbleed’ vulnerability Oluwapelumi Adejumo · 44 mins ago · 2 min read
The researchers noted that the result of the research could be applied to all modern CPUs as the majority possess the Dynamic Voltage Frequency Scaling (DVFS).
2 min read
Updated: June 15, 2022 at 11:47 am
Cover art/illustration via CryptoSlate
New research shows that malicious players can steal cryptographic keys on Intel and AMD processors using a side-channel vulnerability attack known as ‘Hertzbleed,’ Tom’s Hardware reported.
According to the researchers, attackers can steal Advanced Encryption Standard (AES) cryptographic keys by monitoring a computer’s boost frequency and power mechanisms.
The researchers have only been able to identify the vulnerability in Intel and AMD CPUs, but other computers may also be affected.
The report was compiled by researchers from the University of Texas, Austin, University of Illinois Urbana-Champaign, and the University of Washington.
How the Hertzbleed attack works
Per the report, this side-channel attack steals data by monitoring the impact of an operation on a system. The attack observes the energy impression of any stipulated cryptographic workload since power signatures vary on different systems.
The attacker can then transform the obtained energy information into timing data to steal the cryptographic keys. Hackers can also use the Hertzbleed attack remotely.
Hertzbleed is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.
While only Intel and AMD processors have been tested, all modern CPUs are likely vulnerable as most possess a power algorithm called Dynamic Voltage Frequency Scaling (DVFS), which hackers can monitor.
The vulnerability affects all Intel processors, alongside AMD’s Zen 2 and Zen 3 system processors.
Intel and AMD react
According to available information, the chip giants have no plans to deploy a firmware patch.
The report advises users to disable the frequency boost feature. On Intel, it is known as “Turbo boost” and “Precision boost” on AMD. However, that could affect their system’s performance.
Intel also revealed that it had shared the result of its investigations with other chip makers for similar assessments of their systems. It continued that the hours required to steal the cryptographic keys might be challenging to achieve except in a lab setting.
Bachelors Scholarship7 days ago
Stanford University Scholarships In USA 2022-2023 | Fully Funded
Fully Funded Scholarships7 days ago
McGill University Scholarships In Canada 2022-2023 (Fully Funded)
Bitcoin6 days ago
What to know about Bitcoin’s pricing model and whether BTC will be ‘part of it’
Binance6 days ago
Binance Suspends Direct Deposits And Withdrawals In Brazil
Altcoins6 days ago
The many reasons why DOGE believers aren’t done yet
1600 blocks7 days ago
Bitcoin’s Sinking Price Pushes Hashrate Below 200 Exahash, Mining Difficulty Expected To Slide 2.8% Lower
2:1 ratio of sellers6 days ago
Cumberland Sees Massive OTC Moves During Crypto Market Rout — ‘Most Volume We’ve Seen This Year’
ada6 days ago
Cardano [ADA]: Plotting the path to a 125% rally after 1 August