Vulnerability in Apple chips could leak cryptographic keys

A vulnerability that mainly affects Apple chips, but also Intel chips, can cause cryptographic keys to leak.

Researchers have discovered a vulnerability in multiple Apple devices that can lead to cryptographic keys being stolen. With those keys, hackers can log in to all your accounts and steal your data.

The vulnerability is called GoFetch and was discovered by researchers at six different universities. They note that the problem is most pronounced on Apple chips, but that Intel processors are in principle vulnerable as well. In the latter case it turns out to be a little more difficult to actually get into the system, but the risks are there.

DMP at Apple and Intel

The vulnerability is located in a specific part of modern computer chips: the ‘data memory-dependent prefetchers’ or DMPs. These DMPs are in Apple’s M processors and in all thirteenth generation chips from Intel and newer. A DMP is not strictly necessary, but it does help the system respond more quickly to what you do. The chip component tries to predict what data your processor will need to do its work, and then retrieves that data in advance. This way the CPU can skip a step and work just a little bit more smoothly.

At Apple, the DMP does not seem to be optimally tuned. Normally there are all kinds of safeguards for such a process. Among other things, the principle of ‘constant time’ is used to protect CPUs. This means that all operations take the same amount of time, regardless of how quickly they could be completed. That hides what exactly is happening, which makes it more difficult for hackers to learn anything from watching the chip at work.

Not so constant time

However, Apple has not adhered very well to the principles of constant time. The intention is that all operations take the same time, but that is not the case with Apple. The duration depends on what exactly is being searched for. Cybercriminals can use that difference in time to retrieve sensitive information. The researchers designed special instructions that allowed them to retrieve small pieces of those keys. Over time, the researchers had a complete key in their hands, which shows that the leak could indeed have consequences.

The researchers managed to obtain such a key on a MacBook with an M1 chip. M2 and M3 chips work approximately the same way, which means they are also at risk. Intel processors also have a DMP, but it turns out to be a little more difficult to activate. On Apple devices, any program can activate the DMP, which leaves the door wide open for abuse.
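The constant-time principle described above, as an added example (not code from the GoFetch researchers or from Apple): two byte-comparison routines, one whose amount of work depends on the secret and one whose work does not. The function names, the step counter standing in for elapsed time, and the sample secret are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample secret for illustration only (not a real key). */
static const uint8_t SECRET[16] = {
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x4d, 0xb8, 0x10,
    0x6f, 0xa3, 0x29, 0xd4, 0x7e, 0x85, 0xc1, 0x0b };

typedef int (*cmp_fn)(const uint8_t *, const uint8_t *, size_t, size_t *);

/* Variable time: stops at the first mismatch, so the amount of work
 * (reported in *steps) reveals how many leading bytes matched. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Constant time: always processes all n bytes and has no branch on the data. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* Yields 1 only when diff == 0, without a data-dependent branch. */
    return (int)((((unsigned)diff - 1u) >> 8) & 1u);
}

/* Work done when the first `correct` bytes of a guess match the secret. */
size_t steps_for_guess(cmp_fn cmp, size_t correct)
{
    uint8_t guess[16];
    size_t steps;
    for (size_t i = 0; i < 16; i++)
        guess[i] = (i < correct) ? SECRET[i] : (uint8_t)~SECRET[i];
    cmp(guess, SECRET, 16, &steps);
    return steps;
}

int main(void)
{
    for (size_t k = 0; k <= 16; k += 4)
        printf("correct=%2zu leaky=%2zu constant=%2zu\n", k,
               steps_for_guess(leaky_equal, k), steps_for_guess(ct_equal, k));
    return 0;
}
```

The leaky routine's step count grows with every correct leading byte, while the constant-time routine reports the same count for every guess.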

Protect yourself

As a user you can do little or nothing to protect yourself. With M3 chips the DMP can be disabled, but this is not the case for the predecessors. However, if you disable that component, you will notice that the computer runs more slowly. The best advice is to only install apps that you trust 100%. This way you won’t have to worry about GoFetch as much.
