A team of researchers from the University of Texas, University of Illinois Urbana-Champaign, and the University of Washington have shared details of a security issue affecting modern Intel and AMD processors that could allow hackers to steal cryptographic keys from remote servers via a side-channel attack involving observing variations in CPU frequency enabled by dynamic voltage and frequency scaling (DVFS).
The root cause of the issue, dubbed “Hertzbleed,” is dynamic frequency scaling, a feature designed to reduce power consumption (during low CPU loads) and to ensure that the system stays below power and thermal limits (during high CPU loads).
“First, Hertzbleed shows that on modern x86 CPUs, power side-channel attacks can be turned into (even remote!) timing attacks—lifting the need for any power measurement interface. The cause is that, under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second),” the researchers explained.
“Second, Hertzbleed shows that, even when implemented correctly as constant time, cryptographic code can still leak via remote timing analysis. The result is that current industry guidelines for how to write constant-time code (such as Intel’s one) are insufficient to guarantee constant-time execution on modern processors.”
The issue impacts all Intel processors (CVE-2022-24436) and several AMD products (CVE-2022-23823), including desktop, mobile, Chromebook, and server CPUs. While both Intel and AMD have issued separate advisories, it is understood that both vendors have no plans to release microcode patches to address Hertzbleed, although the companies did provide guidance to mitigate the issue.
“As the vulnerability impacts a cryptographic algorithm having power analysis-based side channel leakages, developers can apply countermeasures on the software code of the algorithm. Either masking, hiding, or key-rotation may be used to mitigate the attack,” AMD stated.
The researchers said that disabling frequency boost can help mitigate Hertzbleed in most cases, but it’s not recommended because it will impact performance. Furthermore, on some custom system configurations (with reduced power limits), data-dependent frequency updates may occur even when frequency boost is disabled, the research team has warned.