Categories
News

Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys

[ad_1]

An unpatchable vulnerability has been discovered in Apple’s M-series chips that allows attackers to extract secret encryption keys from Macs under certain conditions, according to a newly published academic research paper.

m1 vs m2 air feature toned down
Named “GoFetch,” the type of cyber attack described involves Data Memory-Dependent Prefetchers (DMPs), which try to predict what data the computer will need next and retrieve it in advance. This is meant to make processing faster, but it can unintentionally reveal information about what the computer is doing.

The paper finds that DMPs, especially the ones in Apple’s processors, pose a significant threat to the security provided by constant-time programming models, which are used to write programs so that they take the same amount of time to run, no matter what data they’re dealing with.

The constant-time programming model is meant to protect against side-channel attacks, or types of attacks where someone can gain sensitive information from a computer system without directly accessing it (by observing certain patterns, for example). The idea is that if all operations take the same amount of time, there’s less for an attacker to observe and exploit.

However, the paper finds that DMPs, particularly in Apple silicon, can leak information even if the program is designed not to reveal any patterns in how it accesses memory. The new research finds that the DMPs can sometimes confuse memory content, which causes it to treat the data as an address to perform memory access, which goes against the constant-time model.

The authors present GoFetch as a new type of attack that can exploit this vulnerability in DMPs to extract encryption keys from secure software. The attack works against some popular encryption algorithms that are thought to be resistant to side-channel attacks, including both traditional (e.g. OpenSSL Diffie-Hellman Key Exchange, Go RSA decryption) and post-quantum (e.g. CRYSTALS-Kyber and CRYSTALS-Dilithium) cryptographic methods.

In an email to ArsTechnica, the authors explained:

Prefetchers usually look at addresses of accessed data (ignoring values of accessed data) and try to guess future addresses that might be useful. The DMP is different in this sense as in addition to addresses it also uses the data values in order to make predictions (predict addresses to go to and prefetch). In particular, if a data value “looks like” a pointer, it will be treated as an “address” (where in fact it’s actually not!) and the data from this “address” will be brought to the cache. The arrival of this address into the cache is visible, leaking over cache side channels.

Our attack exploits this fact. We cannot leak encryption keys directly, but what we can do is manipulate intermediate data inside the encryption algorithm to look like a pointer via a chosen input attack. The DMP then sees that the data value “looks like” an address, and brings the data from this “address” into the cache, which leaks the “address.” We don’t care about the data value being prefetched, but the fact that the intermediate data looked like an address is visible via a cache channel and is sufficient to reveal the secret key over time.

In summary, the paper shows that the DMP feature in Apple silicon CPUs could be used to bypass security measures in cryptography software that were thought to protect against such leaks, potentially allowing attackers to access sensitive information, such as a 2048-bit RSA key, in some cases in less than an hour.

According to the authors, the flaw in Apple’s chips cannot be patched directly. Instead, the attack vector can only be reduced by building defenses into third-party cryptographic software that could result in an extreme performance degradation when executing the cryptographic operations, particularly on the earlier M1 and M2 chips. The DMP on the M3, Apple’s latest chip, has a special bit that developers can invoke to disable it, but the researchers aren’t yet sure what kind of penalty will occur when this performance optimization is turned off.

As ArsTechnica notes, this isn’t the first time researchers have identified threats in Apple DMPs. Research documented in 2022 discovered one such threat in both the ‌M1‌ and Apple’s A14 Bionic chip for iPhones, which resulted in the “Augury” attack. However, this attack was ultimately unable to extract the sensitive data when constant-time practices were used.

“GoFetch shows that the DMP is significantly more aggressive than previously thought and thus poses a much greater security risk,” the researchers claim on their website. “Specifically, we find that any value loaded from memory is a candidate for being dereferenced (literally!). This allows us to sidestep many of Augury’s limitations and demonstrate end-to-end attacks on real constant-time code.”

Users concerned about the vulnerability are advised to check for GoFetch mitigation updates that become available in future macOS updates for any of the encryption protocols known to be vulnerable. Apple representatives declined to comment on the record when ArsTechnica asked about the research.

[ad_2]

Source Article Link

Categories
News

Lexar SL600 Portable SSD with 256-bit AES encryption 2TB

Lexar SL600 portable SSD

Lexar has introduced the Professional SL600 Portable SSD, designed to cater to the needs of creative professionals such as photographers, videographers, and content creators, as well as business professionals who require efficient file transfer and backup solutions. The device boasts a high-speed USB 3.2 Gen 2×2 interface with read and write speeds reaching up to 2000 MB/s, facilitating quick workflow and data management.

The SL600 is encased in a sturdy aluminum body, making it a reliable choice for those who need their data to be safe while on the move. Whether you’re a photographer transferring photos from a shoot, a gamer saving your latest progress, or a business professional carrying important documents, the SL600 is engineered to protect your data from the wear and tear of daily activities and the unpredictability of travel.

256-bit AES encryption

Security is a top priority for anyone dealing with sensitive information, and Lexar understands this. That’s why they’ve included Lexar DataShield software with the SL600. This software uses 256-bit AES encryption to lock down your files, ensuring that your data remains confidential and protected against unauthorized access.

One of the most notable features of the SL600 is its compatibility. It comes equipped with both USB Type-C and USB Type-A cables, allowing it to connect to a wide range of devices. Whether you’re using a DSLR camera, a PC, a smartphone, or a gaming console, the SL600 is designed to work seamlessly with your technology. This kind of versatility is essential in a world where we’re constantly switching between devices.

Lexar has also thought about the practicality of carrying the device. The SL600 includes a carabiner loop, so you can easily attach it to your bag. This thoughtful design means your SSD is always within reach, ready to be used at a moment’s notice.

The SL600 is available in two sizes: 1 TB and 2 TB. These options cater to different storage requirements, whether you need a moderate amount of space or you’re looking to store a larger volume of data. The pricing is competitive, with the 1 TB model available for $129.99 and the 2 TB model for $174.99. These prices position the SL600 as an accessible option for professionals who need dependable, high-speed storage without breaking the bank.

The Lexar Professional SL600 Portable SSD is a comprehensive storage device that meets the demands of today’s fast-paced, data-centric environment. It combines speed, durability, security, and compatibility in a way that makes it an indispensable tool for anyone who values efficiency and data protection. Whether you’re editing video, managing business documents, or saving precious memories, the SL600 is built to keep up with your workflow and safeguard your information.

Filed Under: Hardware, Top News





Latest timeswonderful Deals

Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, timeswonderful may earn an affiliate commission. Learn about our Disclosure Policy.