A group of US academics has demonstrated a side-channel attack against Apple’s M-series silicon, extracting keys from constant-time encryption processes.
The attack, which the researchers dubbed GoFetch, works against “data memory-dependent prefetchers” (DMPs).
DMPs are a hardware optimisation technique which try to prefetch addresses found in program memory. The DMP predicts the memory addresses of data most likely to be accessed by the code that’s running, and the attackers worked out how to influence the data being prefetched, creating the path for a data leak.
In a paper [pdf], they showed that “among other things, the Apple DMP will activate on behalf of any victim program and attempt to ‘leak’ any cached data that resembles a pointer”.
The researchers demonstrated the GoFetch attack against OpenSSL’s Diffie-Hellman key exchange, Go’s RSA decryption, and the post-quantum CRYSTALS-Kyber and CRYSTALS-Dilithium implementations.
GoFetch is limited to local attackers, which constrains its severity but the paper notes that it may require hardware changes to fix.
Apple said there are possible mitigations based on how encryption software is written and provides this advice for developers.
The research was conducted by Boru Chen of the University of Illinois Urbana-Champaign; Yingchen Wang of the University of Texas, Austin; Pradyumna Shome and Daniel Genkin of Georgia Tech; Christopher Fletcher of the University of California, Berkeley; David Kohlbrenner from the University of Washington; and Riccardo Paccagnella of Carnegie Mellon University.
