Uncovering a Flaw: Researchers Identify Vulnerability in Apple Silicon’s CPU, Exposing Data Theft Potential from CPU Cache.

A team of researchers from prestigious universities in the United States has uncovered a vulnerability in the Apple Silicon chip that allows attackers to steal encryption keys from the CPU using a side-channel attack. The vulnerability, known as GoFetch, exploits a CPU feature called the data memory-dependent prefetcher (DMP), which predicts the memory locations that will be accessed in the future and fetches their data into the cache to speed up processing.

While similar features exist in other CPUs such as Intel Raptor Lake, the DMP implementation in Apple’s chips is flawed: it fetches data into the cache using a pointer-like structure, which enables unauthorized access to cache data and potential data inference (the researchers confirmed that Intel’s side was impenetrable). The research team developed a proof-of-concept app to test this vulnerability and successfully extracted the encryption key stored in the cache within an hour of running the app.

The researchers notified Apple of this issue in December 2023 and eventually made the vulnerability public after an appropriate amount of time had passed. Apple has yet to announce specific measures to address this concern. While the GoFetch test app focused on Apple M1, the researchers speculate that Apple M2 and M3, which share a similar structure, may also be susceptible. The DMP feature can be disabled only on certain CPU models like M3, but not on M1 and M2.

TLDR: Researchers discovered a vulnerability named GoFetch in Apple Silicon chips, allowing unauthorized access to encryption keys via cache data. Apple has been informed, but no specific response has been provided yet.
