May 20, 2024

Apple M-series chips are vulnerable to a side-channel attack called GoFetch, which exploits data memory-dependent prefetchers (DMPs) to extract secret encryption keys.

A DMP is a feature of some modern processors that uses memory access patterns to predict which data might be needed next and preloads that data into cache memory for fast access.

The GoFetch exploit involves feeding guesses into the targeted cryptographic application and observing changes in memory access on the system that indicate prefetching patterns. By refining their inputs based on the observed changes and correlating signals from the DMP to bits of cryptographic data, an attacker could ultimately infer the targeted encryption keys.


This attack essentially circumvents the safeguards of constant-time cryptography, which prevents side-channel extraction of encryption keys by eliminating any relationship between secret data contents and their execution timing.

The researchers demonstrated that their proof-of-concept exploit works against Go RSA-2048 encryption, OpenSSL Diffie-Hellman key exchange (DHKE), and even the post-quantum encryption protocols CRYSTALS-Kyber and CRYSTALS-Dilithium. The attack takes a minimum of about 49 minutes (against Go RSA keys) and up to 15 hours (against Dilithium keys) to complete on average.

The attack was primarily tested on Apple’s M1 processor, but the group’s investigations of the M2 and M3 CPUs indicated similar DMP activation patterns, suggesting they are likely vulnerable to the same exploit, the researchers said.

The Intel 13th generation Raptor Lake processor also uses a DMP in its microarchitecture, but the researchers found it was not as susceptible to attack due to its more restrictive activation criteria.


The attack requires the attacker’s GoFetch process to run locally on the same machine as the targeted process, so avoiding the installation of suspicious programs is one line of defense.

The researchers also noted that the DMP does not activate for processes running on Apple’s Icestorm efficiency cores. Restricting cryptographic processes to these smaller cores prevents GoFetch attacks but will likely reduce performance.

Cryptographic software providers can also use techniques such as input blinding to mask the contents being fetched, though this too carries a performance penalty. Overall, users are advised to keep any cryptographic software up to date as providers ship changes to counter side-channel attack risks.
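Input blinding, as mentioned above, illustrated for RSA in an added Python example (not code from the researchers, Go, OpenSSL, or any other named project); the toy key parameters are constructed for illustration and far too small for real use:

```python
# Added example: RSA input blinding as a side-channel countermeasure.
# Constructed toy RSA key (hypothetical, not a real key; primes far too small).
import secrets
from math import gcd

P, Q = 1000003, 1000033          # small primes, illustration only
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)              # private exponent (Python 3.8+ modular inverse)


def encrypt(m: int) -> int:
    return pow(m, E, N)


def decrypt_unblinded(c: int) -> int:
    # The secret-dependent exponentiation works directly on c, so every
    # intermediate value it touches is a deterministic function of the
    # attacker-chosen ciphertext.
    return pow(c, D, N)


def decrypt_blinded(c: int) -> tuple[int, int]:
    """Return (plaintext, blinded_intermediate).

    Multiplying c by r^e before exponentiation means the private-key
    operation sees a fresh uniformly random residue on every call, so the
    data it handles no longer correlates with the attacker's guess.
    """
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:           # r must be invertible mod N
            break
    c_blind = (c * pow(r, E, N)) % N
    m_blind = pow(c_blind, D, N)     # equals m * r mod N
    r_inv = pow(r, -1, N)
    return (m_blind * r_inv) % N, m_blind


def intermediates_vary(c: int, trials: int = 5) -> bool:
    # Defender's check: the blinded value the exponentiation processes
    # should differ from call to call even for a fixed ciphertext.
    seen = {decrypt_blinded(c)[1] for _ in range(trials)}
    return len(seen) == trials
```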

The GoFetch vulnerability was disclosed to Apple in December 2023, and the researchers’ paper states Apple was investigating the PoC. The vulnerability was also reported to the Go Crypto, OpenSSL, and CRYSTALS teams. Go Crypto said the attack was considered low severity, OpenSSL said local side-channel attacks fall outside of its threat model, and CRYSTALS acknowledged that hardware fixes would be needed to resolve the issue in the long term.
