“GoFetch” Attack Unlocks Encrypted Data, Putting Apple and Intel Users at Risk
A bombshell discovery from top-tier cybersecurity researchers has unveiled a critical vulnerability affecting the heart of both Apple and Intel processors. Developed by a team of researchers from prestigious institutions including UIUC, UT Austin, Georgia Tech, UC Berkeley, the University of Washington, and Carnegie Mellon University, GoFetch exploits a seemingly innocuous feature of modern processors: Data Memory-dependent Prefetchers (DMPs). Designed to enhance performance, these DMPs have inadvertently opened security vulnerabilities, particularly in cryptographic implementations that were thought to be immune to side-channel leakage.
Constant-Time Cryptography Cracked
For years, programmers have meticulously crafted security software based on a fundamental principle: executing cryptographic operations in a fixed time regardless of secret values. This constant-time implementation was considered a strong safeguard against attacks that could infer secrets by measuring minute variations in processing patterns.
GoFetch changes the game entirely. By manipulating a processor feature known as a Data Memory-dependent Prefetcher (DMP), this groundbreaking attack can extract secrets even from these well-protected implementations. DMPs typically speed up your computer by prefetching data they believe the processor will need next.
How the GoFetch Attack Works
At its core, GoFetch manipulates DMPs to breach constant-time cryptographic implementations, a method long regarded as a bulwark against side-channel attacks. These attacks exploit variations in execution time, memory access patterns, or other observable system behaviors to extract secret information, such as cryptographic keys. Constant-time implementations are designed to thwart such attacks by ensuring that their operations take the same amount of time, regardless of the input values, effectively masking any potential leakage of sensitive information.
However, GoFetch demonstrates that DMPs can be coerced into revealing secret data, bypassing these constant-time defenses. The researchers have showcased successful attacks against both classical and post-quantum cryptography standards, including RSA decryption and Diffie-Hellman Key Exchange, as well as emerging standards like CRYSTALS-Kyber and CRYSTALS-Dilithium.
GoFetch is a new type of chosen-input attack that ingeniously uses DMP behavior to extract keys from cryptographic algorithms. By carefully crafting inputs to the target program, attackers can induce the DMP to prefetch data based on the values it sees in memory, and the resulting cache state reveals information about that data, effectively turning these prefetchers into unwitting accomplices in the attack.
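To make the constant-time principle concrete, here is an added example in C that is not from the original article or from the GoFetch researchers. It compares a secret against a guess in two ways: an early-exit comparison whose amount of work depends on where the first mismatch is, and a constant-time comparison that always touches every byte and never branches on secret data. The `work_counter` global and the `sample_secret`/`sample_guess` arrays are constructed for this example and stand in for the execution time an attacker would measure. The point GoFetch makes is that even the constant-time version below is not automatically safe on a DMP-equipped core: its timing is fixed, but the data values it handles still flow through memory, and the prefetcher reacts to those values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Number of byte comparisons performed by the most recent call.
   Constructed for this example as a stand-in for measured execution time. */
static size_t work_counter;

/* Variable-time comparison: returns at the first mismatching byte.
   The amount of work done (and thus the time taken) reveals the index
   of the first byte that differs from the secret. */
int compare_early_exit(const uint8_t *a, const uint8_t *b, size_t n) {
    work_counter = 0;
    for (size_t i = 0; i < n; i++) {
        work_counter++;
        if (a[i] != b[i]) {
            return 0;
        }
    }
    return 1;
}

/* Constant-time comparison: touches every byte regardless of input,
   accumulating differences with OR so that no branch or loop bound
   depends on secret data. */
int compare_constant_time(const uint8_t *a, const uint8_t *b, size_t n) {
    work_counter = 0;
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        work_counter++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* Collapse diff to 1 (equal) or 0 (different) without a data-dependent
       branch: (diff - 1) underflows to all-ones only when diff == 0. */
    return (int)((((uint32_t)diff - 1u) >> 31) & 1u);
}

/* Constructed sample data: an 8-byte secret and a guess that first
   differs from it at index 3. */
static const uint8_t sample_secret[8] = {0x10, 0x22, 0x34, 0x46, 0x58, 0x6a, 0x7c, 0x8e};
static const uint8_t sample_guess[8]  = {0x10, 0x22, 0x34, 0x00, 0x58, 0x6a, 0x7c, 0x8e};

/* Work done by each comparison on the sample inputs; the early-exit
   count leaks the mismatch position (4 bytes examined means index 3),
   while the constant-time count is always the full length. */
size_t work_early_exit(void) {
    compare_early_exit(sample_secret, sample_guess, sizeof sample_secret);
    return work_counter;
}

size_t work_constant_time(void) {
    compare_constant_time(sample_secret, sample_guess, sizeof sample_secret);
    return work_counter;
}

int main(void) {
    printf("early-exit compare examined %zu bytes before stopping\n", work_early_exit());
    printf("constant-time compare examined %zu bytes\n", work_constant_time());
    printf("constant-time result for identical inputs: %d\n",
           compare_constant_time(sample_secret, sample_secret, sizeof sample_secret));
    return 0;
}
```

The early-exit version stops after four bytes, so an attacker who can time it learns that the guess matched the first three bytes, and can recover the secret one byte at a time. The constant-time version always examines all eight bytes, which is the defense described above. What GoFetch shows is that this defense addresses only the timing of the code, not what a DMP infers from the values the code loads and stores.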
What’s at Risk
The implications are staggering. The researchers demonstrated that GoFetch can extract keys from:
- RSA decryption – An integral part of securing online transactions.
- Diffie-Hellman Key Exchange – A foundation for secure online communication.
- CRYSTALS-Kyber and CRYSTALS-Dilithium – Promising post-quantum cryptography algorithms designed to shield against future hacking threats.
The Response
Apple is actively investigating the vulnerability. OpenSSL and Go Crypto have downplayed the immediate threat, highlighting the requirement of local access for a successful attack. The CRYSTALS team, however, has taken the threat very seriously, exploring both short-term mitigations and future hardware changes.
What You Can Do
- Stay Updated: Make sure you’re running the latest version of your operating system and key security software.
- Watch for Patches: If you’re using systems with Apple or Intel processors, keep an eye out for security patches from relevant software vendors.