0
0
New research shows that malicious players can steal cryptographic keys on Intel and AMD processors using a side-channel vulnerability attack known as āHertzbleed,ā Tomās Hardware reported.
According to the researchers, attackers can steal Advanced Encryption Standard (AES) cryptographic keys by monitoring a computerās boost frequency and power mechanisms.
The researchers have only been able to identify the vulnerability in Intel and AMD CPUs, but other computers may also be affected.
The report was compiled by researchers from the University of Texas, Austin, University of Illinois Urbana-Champaign, and the University of Washington.
Per the report, this side-channel attack steals data by monitoring the impact of an operation on a system. The attack observes the energy impression of any stipulated cryptographic workload since power signatures vary on different systems.
The attacker can then transform the obtained energy information into timing data to steal the cryptographic keys. Hackers can also use the Hertzbleed attack remotely.
Hertzbleed is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure.
While only Intel and AMD processors have been tested, all modern CPUs are likely vulnerable as most possess a power algorithm called Dynamic Voltage Frequency Scaling (DVFS), which hackers can monitor.
The vulnerability affects all Intel processors, alongside AMDās Zen 2 and Zen 3 system processors.
According to available information, the chip giants have no plans to deploy aĀ firmware patch.
The report advises users to disable the frequency boost feature. On Intel, it is known as āTurbo boostā and āPrecision boostā on AMD. However, that could affect their systemās performance.
Intel also revealed that it had shared the result of its investigations with other chip makers for similar assessments of their systems. It continued that the hours required to steal the cryptographic keys might be challenging to achieve except in a lab setting.
The post Hackers can steal crypto keys on Intel, AMD CPUs via āHertzbleedā vulnerability appeared first on CryptoSlate.
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio youāre using to start.
0
0
