Apple M-series CPU vulnerability enables attackers to purloin cryptographic keys from Macs

US researchers find baked-in flaw

GoFetch cache side-channel attack potentially exposes Apple M-series CPUs to key extractions

A new vulnerability in Apple's M-series CPUs, dubbed GoFetch, exposes cryptographic keys in Macs and MacBooks to potential theft.

The team of US-based researchers built a proof of concept showing how a malicious application running locally could steal cryptographic keys.

As the flaw is baked into the M-series microarchitecture, it cannot be directly patched, and any fix – such as disabling the vulnerable chip feature – will come at the cost of CPU performance.

In the words of the researchers:

"The GoFetch attack is based on a CPU feature called data memory-dependent prefetcher (DMP), which is present in the latest Apple processors. We reverse-engineered DMPs on Apple M-series CPUs and found that the DMP activates (and attempts to dereference) data loaded from memory that 'looks like' a pointer. This explicitly violates a requirement of the constant-time programming paradigm, which forbids mixing data and memory access patterns.

"To exploit the DMP, we crafted chosen inputs to cryptographic operations, in a way where pointer-like values only appear if we have correctly guessed some bits of the secret key. We verify these guesses by monitoring whether the DMP performs a dereference through cache-timing analysis. Once we make a correct guess, we proceed to guess the next batch of key bits.

"Using this approach, we show end-to-end key extraction attacks on popular constant-time implementations of classical... and post-quantum cryptography."

The researchers promise that the proof-of-concept code will be released shortly.

The researchers primarily mounted GoFetch attacks on Apple hardware running M1 CPUs, but found that M2 and M3 processors were similarly vulnerable. They also analysed Intel's Raptor Lake microarchitecture CPUs and found that, while it also features a DMP, the activation criteria are more restrictive, making it harder to exploit.

The work of the team behind GoFetch was built on Augury, published in 2022, which highlighted a security issue with Apple's series of processors, including the A14, M1 and M1 Max, due to shortcomings in the implementation of the DMP. While the DMP can be disabled in the M3 CPU, this is not the case for the M1 and M2. It can also be disabled in Intel Raptor Lake processors.

GoFetch is a side-channel attack: one that exploits the way a protocol or algorithm is implemented and executed on real hardware, rather than a weakness in the protocol or algorithm itself. That makes attacks exploiting the chip flaw potentially devastating, and it also makes the flaw hard to fix without breaking something fundamental.