Unpatchable vulnerability in Apple chip leaks secret encryption keys

[seek3r]

Ars is reporting that there's a major silicon level vuln on AS Macs that allows a side channel attack to grab encryption keys and other cryptographic/decrypted data. Looks pretty bad :/

https://arstechnica.com/security/20...secret-encryption-keys-from-apples-mac-chips/

The flaw -- a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols -- can't be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

 

[ondioline]

This has been known for awhile too, I assume that’s why the M3 has an added instruction to disable DMP. The previous research was called “augury” from 2022

https://www.prefetchers.info/augury.pdf

 

[August West]

How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.

 

[seek3r]

How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.

It’s not known to be exploited in the wild, and Apple will likely mitigate it in the OS, I’m not super panicked. It may cause some slowdowns on some ops though to mitigate

If it turns out Apple cant mitigate it *then* I’ll be more worried

 

[Xiao_Xi]

The authors of the paper made a demo video.

GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers

A new microarchitectural side-channel attack exploiting data memory-dependent prefetchers in Apple silicons.

gofetch.fail

 

[Analog Kid]

How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.

I don't think this is specific to Apple Keychain, I think this is much lower level than that.

The good news is that you don't need to disable the Apple Keychain. The bad news is that you don't need to disable it because all cryptographic operations are compromised regardless of source.

 

[gigapocket1]

Also, iCloud Keychain is the least secure thing Apple provides… I would look for alternatives…

 

[leman]

How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.

Probably close to zero. Like most of the attacks of this type it is only possible under very specific circumstances, which are rather unlikely to occur in real world operation. I mean, in order to mitigate this risk it would be sufficient if the OS moves threads between CPU clusters every few minutes. And only some very specific implementations and algorithms are vulnerable. For example anything relying on Apple's Secure Enclave will not be affected as cryptography is not done on the CPU cores.

Also, iCloud Keychain is the least secure thing Apple provides… I would look for alternatives…

Could you provide a bit more context on this?

 

[Weaselboy]

Moderator Note:

Please continue the discussion in the news thread:

Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys

An unpatchable vulnerability has been discovered in Apple's M-series chips that allows attackers to extract secret encryption keys from Macs under certain conditions, according to a newly published academic research paper (via ArsTechnica). Named "GoFetch," the type of cyber attack described...

forums.macrumors.com