‘GoFetch’ Leaks Secret Encryption Keys – AI-Tech Report

The data memory-dependent prefetcher, or DMP, is a specific type of prefetcher that predicts which memory addresses a running program will access based on previously observed access patterns. It retrieves that data from main memory and brings it into the CPU cache ahead of time, reducing the latency of memory accesses. Unlike a conventional prefetcher, the DMP takes the contents of memory into account when deciding what to prefetch. Because its prefetching activity therefore depends on data values, the DMP is observable through cache-based attacks and can reveal contents belonging to a victim process.

Explanation of how DMP can be exploited to capture sensitive data

The GoFetch vulnerability exploits the DMP’s behavior by manipulating the prefetching process to capture sensitive data. By luring a target into downloading a malicious app, the attacker can force the DMP to generate secret-dependent memory access on behalf of the victim. This secret-dependent memory access opens the door for the attacker to access sensitive data that would otherwise be protected. The GoFetch vulnerability nullifies the security protections offered by constant-time programming against timing side-channel attacks, making it a significant concern for cryptographic implementations.

The Findings

Apple’s awareness of the vulnerability

Apple became aware of the GoFetch vulnerability in December 2023 when a team of seven academics from various institutions reported their findings. This awareness prompted Apple to take action and acknowledge the significance of the vulnerability.

How GoFetch builds on the Augury attack

GoFetch builds on the techniques employed in the Augury attack, which also exploits the DMP to leak data. Both attacks violate the constant-time programming paradigm by mixing data and memory access patterns. However, the GoFetch vulnerability exhibits a more aggressive behavior than previously thought, posing a greater security risk.

Explanation of how GoFetch violates the constant-time programming paradigm

The constant-time programming paradigm advocates for the separation of data and memory access patterns to prevent side-channel attacks. GoFetch violates this paradigm by utilizing the DMP to generate secret-dependent memory access on behalf of the victim. This violation renders the victim susceptible to key-extraction attacks, allowing the attacker to access sensitive data.

Requirement for co-located processes on the same machine and CPU cluster

To fully exploit the GoFetch vulnerability, the attacker and the victim must have co-located processes on the same machine and CPU cluster. This requirement poses a challenge for attackers but highlights the significance of careful software installation and downloading practices for users.

Exploiting the Vulnerability

Luring a target to download a malicious app

To exploit the GoFetch vulnerability, the attacker must lure a target into downloading a malicious app. This requires social engineering techniques to convince the target to install the app, which may appear legitimate but contains malicious code designed to exploit the vulnerability.

Monitoring microarchitectural side channels

Once the victim has downloaded the malicious app, the attacker can monitor microarchitectural side channels, such as cache latency, to gather information about the victim’s system. This information provides insight into the behavior of the DMP and helps the attacker further exploit the vulnerability.

Using DMP to generate secret-dependent memory access

With knowledge of the victim’s system behavior obtained from monitoring microarchitectural side channels, the attacker can utilize the DMP to generate secret-dependent memory access. This process forces the DMP to prefetch specific data that the attacker can use to access sensitive information.

Accessing sensitive data through the prefetcher

By manipulating the prefetching process through the DMP, the attacker can access the sensitive data stored in the CPU cache. This data may include secret encryption keys or other information that the victim intended to protect. The attacker can then use this information for malicious purposes.

Implications and Risk

Nullification of security protections offered by constant-time programming

The GoFetch vulnerability completely nullifies the security protections offered by constant-time programming against timing side-channel attacks. This means that even if a victim follows the constant-time programming paradigm, the DMP can generate secret-dependent memory access on their behalf, rendering their sensitive data vulnerable to extraction.

Increased security risk posed by DMP

The GoFetch vulnerability sheds light on the aggressive behavior of the DMP and the increased security risk it poses. The DMP’s prefetching technique, which aims to reduce memory access latency, inadvertently creates a potential vulnerability that attackers can exploit.

Inability to fix the flaw in existing Apple CPUs

The fundamental nature of the GoFetch vulnerability makes it impossible to fix in existing Apple CPUs. This limitation requires developers of cryptographic libraries to take preventive measures to block the conditions that allow GoFetch to succeed, potentially resulting in a performance impact.

Steps for developers of cryptographic libraries to prevent GoFetch

Developers of cryptographic libraries must take steps to prevent the successful exploitation of the GoFetch vulnerability. This includes avoiding mixing data and memory access patterns, adhering to the constant-time programming paradigm, and implementing countermeasures to mitigate the risk presented by DMP.

Not possible to disable DMP on M1 and M2 processors

Disabling the DMP on Apple’s M1 and M2 processors is not currently possible. This limitation highlights the need for alternative strategies and countermeasures to protect sensitive data from the GoFetch vulnerability on these processor models.

Mitigation and Countermeasures

Keeping systems up-to-date as a user

As a user, it is crucial to keep your systems up-to-date with the latest patches and security updates. This includes updating your operating system, applications, and any cryptographic libraries you may be using. By maintaining up-to-date systems, you can mitigate the risk of the GoFetch vulnerability.

Enabling data-independent timing (DIT) on Apple M3 chips

For users with Apple M3 chips, enabling data-independent timing (DIT) can effectively disable the DMP and mitigate the risk of the GoFetch vulnerability. With DIT enabled, the processor completes instructions in a constant amount of time, regardless of the input data, preventing timing-based leakage.

Apple’s recommendation to avoid conditional branches and memory access locations

Apple recommends that developers avoid using conditional branches and memory access locations based on the value of secret data. By eliminating these potential vulnerabilities, developers can effectively block adversaries from inferring secrets by monitoring the processor’s microarchitectural state.
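The constant-time discipline the article describes in the "violates the constant-time programming paradigm" section and in Apple's recommendation above can be seen in a small C example. This is an added illustration, not code from the article or from Apple; the 16-entry table and the 4-byte tags are constructed sample data, and each leaky routine is shown beside its secret-independent replacement.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed 16-entry table standing in for an S-box or a table of
 * precomputed values in a cryptographic library. */
static const uint8_t TABLE[16] = {
    0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
    0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
};

/* Leaky form: the address loaded depends directly on the secret index,
 * so cache state (and any prefetcher watching it) reflects the secret. */
uint8_t lookup_leaky(uint8_t secret_idx) {
    return TABLE[secret_idx & 0x0f];
}

/* Constant-time form: touch every entry in the same order regardless of
 * the secret and select the wanted one with an arithmetically derived
 * mask, so the sequence of memory addresses never depends on the key. */
uint8_t lookup_ct(uint8_t secret_idx) {
    uint8_t result = 0;
    for (size_t i = 0; i < 16; i++) {
        /* diff == 0 exactly when i is the wanted index */
        uint8_t diff = (uint8_t)i ^ (secret_idx & 0x0f);
        /* mask is 0xff when diff == 0 and 0x00 otherwise, with no branch */
        uint8_t mask = (uint8_t)(((uint16_t)diff - 1) >> 8);
        result |= TABLE[i] & mask;
    }
    return result;
}

/* Leaky compare: returns at the first mismatching byte, so the branch
 * pattern and timing reveal how many leading bytes of a secret tag matched. */
int tag_equal_leaky(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time compare: accumulate all differences, decide once at the end. */
int tag_equal_ct(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= a[i] ^ b[i];
    /* evaluates to 1 only when acc == 0, again without a data-dependent branch */
    return (int)((((uint16_t)acc - 1) >> 8) & 1);
}
```

As the article stresses, this discipline removes secret-dependent branches and addresses from the program itself but does not stop the DMP from generating its own secret-dependent accesses, which is why the library-level countermeasures and DIT discussed here are still needed.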

Demonstration of GPU cache side-channel attack in browsers

In addition to the GoFetch vulnerability, there are other emerging threats in the cybersecurity landscape. A group of researchers recently demonstrated a GPU cache side-channel attack that affects popular browsers and graphics cards. This attack leverages specially crafted JavaScript code to infer sensitive information, and it emphasizes the need for comprehensive security measures beyond the realm of microarchitectural vulnerabilities.

Proposed countermeasure for GPU attacks requiring user permission

To counter GPU cache side-channel attacks, the researchers propose treating access to the host system’s graphics card via the browser as a sensitive resource. They recommend requiring websites to seek user permission before accessing the graphics card, similar to permissions required for camera or microphone usage. This countermeasure can help mitigate the risk presented by GPU-based attacks.

Conclusion

The GoFetch vulnerability in Apple M-Series Chips poses a significant risk to the security of sensitive data. By exploiting microarchitectural side channels and the DMP, attackers can extract secret encryption keys and other sensitive information. This vulnerability nullifies the protection offered by constant-time programming and requires developers and users to implement mitigations and countermeasures. While the flaw cannot be fixed in existing Apple CPUs, preventive measures and careful software practices can help mitigate the risk. By staying up-to-date and following recommended security practices, users can minimize the impact of the GoFetch vulnerability and protect their sensitive data.