"GoFetch Attack- Researchers Uncover Unfixable Vulnerability in Apple CPUs Affecting Cryptographic Security"
A team of researchers has detailed a new side-channel attack method dubbed "GoFetch," that exploits an unpatchable vulnerability in Apple's M series of chips and enables threat actors to extract secret keys used in cryptography operations. The method is described as a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations. The attack is aimed at a hardware optimization known as the Data Memory-Dependent Prefetcher (DMP). It tries to improve performance by prefetching addresses found in program memory. Researchers discovered how to use specially crafted cryptographic operation inputs to infer secret keys, guessing them bits at a time while monitoring the DMP's behavior. This article continues to discuss the GoFetch attack method.
Submitted by grigby1