Serious security vulnerability in Apple processor series leads to leakage of encryption keys – Apple

A security vulnerability was recently discovered in the Apple M series processors It allows encryption keys to be maliciously extracted from Mac computers Academic researchers revealed in a study published on Thursday that these processors are stabilized when running widely used encryption procedures.

The design flaw — a side channel that allows key extraction when Apple processors run widely used cryptographic protocols — cannot be fixed directly, because it stems from the architectural design of the microprocessor itself. The only way to address the issue is to program the impellers through a third-party encoder, but this can significantly limit the performance of the M Series when these processors are running encoders, especially in older M1 and M2 models. This vulnerability was discovered when the targeted cryptographic process and the malicious application with normal system user privileges were running on the same processor.

The problem lies in the part of the processor that predicts the memory addresses that code that is actually being executed is likely to access in the near future. By loading this data into the processor's cache before it's needed, DMP (memory-based prefetching) reduces latency between main memory and the processor, a point that often leads to delays in modern computing. DMPs are a relatively recent development and are only found in Apple's M-series processors as well as Intel's 13th generation Raptor Lake architecture, although older forms of preloading have been around for several years.

Security experts have long known that classic preloading mechanisms open a side channel that various malicious processes can exploit to extract encryption keys. This weakness stems from the fact that preloading mechanisms make predictions based on previous access patterns, which can create situations that can lead to information leakage. To address this problem, cryptographic engineers have turned to timed programming, an approach that ensures that all operations take the same amount of time to complete, regardless of the identity of the executors.

The important development that resulted from it From recent research It's about discovering a previously unrecognized behavior of DMPs in Apple processors: they sometimes confuse memory contents, such as hardware associated with encryption keys, with the value of the token used to load other data. The result is that the DMP often reads the data and tries to treat it as an address to perform the memory access action. This misinterpretation of pointers, i.e. reading data and leaking it through a side channel, is a serious violation of its constant time principle.

The researchers explain in their email that the attack they attempted exploits this very point. They were able to modify the intermediate data of the encryption algorithm to look like a pointer. So the DMP sees that the data value “looks” like a memory address, so it moves the data from there to the cache, where the so-called address leaks out.

Their main conclusion is that although DMP only misinterprets pointers, an attacker can inject data that, when combined with cryptographic elements, results in an intermediate result pointing to the pointer, as long as the secret satisfies an attacker-specified parameter. For example, suppose a program has the secret s, and takes x as new data, so it calculates and then stores y = s ⊕ x in the program's memory. An attacker can configure different x's and infer fragmented (or even complete) information about s by observing whether the DMP is able to misinterpret y. Researchers exploited this observation to break standard time-order guarantees used in cryptographic applications. They then showed how they were able to crack entire cryptographic implementations designed to be secure against specific input attacks.

As with other side channels resulting from microprocessor architecture, what specifically enables this attack cannot be patched at the hardware level. Instead, responsibility for mitigating the negative impacts of this vulnerability goes to the people who develop the code that will run on Apple computers. For developers developing encoders that run on M1 and M2 processors, this means that in addition to timed programming, they will need to incorporate other defenses, almost all of which come with significant performance costs.

In their study, the researchers mention a number of these defenses, which, however, increase the time for completing the disputed procedures, certainly not to an insignificant extent.

The DMP in the M3, Apple's latest processor, has a special feature in its architecture that developers can exploit to enable this feature. Researchers don't yet know what kind of load would result from disabling a system specifically designed to boost processor performance. (The researchers point out that the built-in DMP in Intel's Raptor Lake processors does not leak the same types of cryptographic secrets as Apple's processors. Additionally, specifying a special DOIT effectively disables the DMP.)

It should be noted that any charges that arise will only be felt when the affected software performs specific encryption actions. In the case of web browsers and many other classes of applications, the performance overhead may not be noticeable.

When Apple representatives were asked to comment on the scope of the investigation, they did not want to make a statement.