Apple's chips have been exposed to security vulnerabilities, and wallet keys may be leaked

Editor-in-chief: Felix, PANews

On March 21, academic researchers reported the discovery of a new security flaw in Apple’s M-series chips. This vulnerability allows an attacker to extract keys from a Mac computer while performing a widely used cryptographic operation. The vulnerability cannot be solved by patching the chip directly, and only third-party encryption software can be relied upon, but this can lead to a significant decrease in performance.

According to researchers, the vulnerability poses a threat to multiple cryptographic implementations. Keys have been extracted from OpenSSL Diffie-Hellman, Go RSA, and CRYSTALS Kyber and Dilithium.

Attackers can steal keys

The vulnerability stems from the Data Memory-Dependent Prefetcher (DMP), which predicts memory addresses that will be accessed to improve processor efficiency.

However, DMP sometimes mistakenly obfuscates sensitive data such as keys with memory address pointers, and attackers can take advantage of this feature of DMP to indirectly disclose key information by manipulating the intermediate data in the encryption algorithm to make it look like an address under a specific input. This attack is not an immediate cracking of the encryption key. However, the attack can be repeated until the key is exposed.

The researchers claim that this attack can attack both classical encryption algorithms and the latest quantum-enhanced algorithms.

As for its effectiveness, the researchers’ test application was able to extract a 2048-bit RSA key in less than an hour, compared to just over two hours for a 2048-bit Diffie-Hellman key. Excluding offline processing time, it takes ten hours to obtain the Dilithium-2 key.

Apple chip itself is difficult to repair

The main problem with this attack is that because it is a core part of Apple’s Silicon chip, it cannot be patched by itself, so it can only rely on third-party encryption software to add defenses.

The problem is that any mitigation will increase the workload required to perform the operation, which in turn will affect performance, especially for the M1 and M2 series chips, where this performance degradation may be more pronounced.

Apple declined to comment on the matter. The researchers claimed that they made responsible disclosures to Apple before releasing the report publicly, notifying the company on December 5, 2023.

Users and software developers may want to keep an eye out for future Apple updates and mitigations related to this vulnerability in macOS and other operating systems.

Chip vulnerabilities have been repeatedly exposed

It is worth mentioning that some researchers have previously pointed out in 2022 that there is a vulnerability called “Auguri” in the DMP of Apple chips. At the time, the so-called Augury vulnerability was not considered a significant threat."

In addition, researchers at the Massachusetts Institute of Technology discovered an unfixable vulnerability called “PACMAN” in 2022 that exploited the pointer authentication process to create a side-channel attack.

Chip vulnerabilities can be a big problem for device manufacturers, especially when they have to make changes to the operating system and software.

In 2018, vulnerabilities were discovered in the Meltdown and Spectre chips, affecting all Mac and iOS devices, as well as almost all X86 devices manufactured since 1997. These security vulnerabilities rely on “speculative execution,” i.e., the chip can increase speed by processing multiple instructions at the same time, or even out-of-order.

References: Ars Technica, Appleinsider

Related reading: How do Bitcoin “millions” take care of their “huge assets”?