A team of experts from various American universities has discovered a new security vulnerability in Apple Inc.’s M-series processors that could potentially be used to extract secret keys from Mac devices during encryption operations.The researchers have named this vulnerability “GoFetch.” It manipulates Data Memory-Dependent Prefetchers (DMPs), which are designed to predict and retrieve upcoming data to enhance processing speed. Still, this method could unintentionally reveal details about the system’s functioning, thereby posing a security risk. GoFetch is a more sophisticated version of the Augury attack method, which first appeared in 2022.The study highlights DMPs, particularly those in Apple’s processors, as a significant risk to constant-time programming models’ security. The researchers discovered that the GoFetch tool can extract a 2048-bit RSA key in less than an hour and a 2048-bit Diffie-Hellman key in just over two hours.The researchers confirmed the M1 processors’ susceptibility to this exploit, suggesting that the M2 and M3 chips, due to similar prefetching behavior, may also be vulnerable. While Apple is currently investigating the issue, resolving it completely may prove challenging.The researchers suggested various preventative measures, though these could necessitate significant hardware alterations or might substantially affect performance. This vulnerability underscores the necessity of constantly monitoring and upgrading security measures to fend off any potential cybersecurity threats.For more details on the GoFetch attack, the researchers’ technical paper provides more information, and a proof-of-concept exploit is expected to be released soon.The material has been provided by InstaForex Company – www.instaforex.com
- Russia’s GDP Monthly Growth Slows to 4.2% in March 2024 - April 27, 2024
- Russia’s Unemployment Rate Drops Slightly to 2.7% in March 2024 - April 27, 2024
- Russian Real Wage Growth Surges to 10.8% in February 2024 - April 27, 2024