Researchers have discovered that microprocessors from Intel, AMD, and others have a weakness that attackers can exploit to obtain cryptographic keys and other secret data traveling via hardware.
The team discovered that dynamic voltage and frequency scaling (DVFS)—a power and thermal management feature present in every modern CPU—enables attackers to deduce the changes in power consumption by measuring the time it takes for a server to respond to certain carefully made queries. By understanding how the DVFS feature functions, power side-channel attacks become less complex timing attacks that can be performed remotely.
The researchers have named this attack Hertzbleed as it uses the insights into DVFS to bleed out data that is supposedly private. The vulnerability is tracked as CVE-2022-24436 for Intel chips and CVE-2022-23823 for AMD CPUs. The researchers have demonstrated how the exploit technique they developed can be utilized to extract an encryption key from a server running SIKE, a cryptographic algorithm used to create a secret key between two parties over an insecure communications channel.
The team of researchers said they successfully replicated their attack on Intel CPUs from the 8th to the 11th generation of the Core microarchitecture. They also claimed that this attack would work on Intel Xeon CPUs and confirmed that AMD Ryzen processors are vulnerable and also allowed the same SIKE attack used against Intel chips. The researchers also claimed that chips made by other manufacturers may also be vulnerable.
It remains unclear if Hertzbleed represents a clear threat. Hence, developers should keenly study how the findings impact the security of the cryptographic software they design.