Hertzbleed Disclosed As New Family Of Side-Channel Attacks Affecting Intel + AMD

Written by Michael Larabel in Linux Security on 14 June 2022 at 01:12 PM EDT. 23 Comments
Hertzbleed has been made public today as a new family of side-channel attacks making use of frequency side channels. Both Intel and AMD have issued security advisories as a result.

Hertzbleed is self-described as:
Hertzbleed takes advantage of our experiments showing that, under certain circumstances, the dynamic frequency scaling of modern x86 processors depends on the data being processed. This means that, on modern processors, the same program can run at a different CPU frequency (and therefore take a different wall time) when computing, for example, 2022 + 23823 compared to 2022 + 24436.

Hertzbleed is a real, and practical, threat to the security of cryptographic software. We have demonstrated how a clever attacker can use a novel chosen-ciphertext attack against SIKE to perform full key extraction via remote timing, despite SIKE being implemented as “constant time”.
First, Hertzbleed shows that on modern x86 CPUs, power side-channel attacks can be turned into (even remote!) timing attacks—lifting the need for any power measurement interface. The cause is that, under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second).

Second, Hertzbleed shows that, even when implemented correctly as constant time, cryptographic code can still leak via remote timing analysis. The result is that current industry guidelines for how to write constant-time code (such as Intel’s one) are insufficient to guarantee constant-time execution on modern processors.

Intel's security disclosure states that "all" Intel processors are affected while the researchers did verify the past several generations are affected. Intel is recommending software developers follow new guidance to harden their libraries and applications against frequency throttling information disclosure.

Intel has issued a security advisory for Hertzbleed with all Intel CPUs affected.

AMD's security advisory isn't yet public but it's known at least Zen 2 and Zen 3 are affected. Other CPU architectures have not been verified yet but may be affected given their similar approach to frequency scaling.

Aside from hardening your cryptographic software, there isn't a workaround/solution for Hertzbleed besides disabling TurboBoost / Turbo Core / Precision Boost functionality.

More details on this new vulnerability at Hertzbleed.com. Researchers from the University of Illinois Urbana-Champaign, University of Texas at Austin, and University of Washington have been working on Hertzbleed since last year.

Update: Intel has also now published a blog post in regards to today's disclosures. Intel also added, "The throttling side-channel (Hertzbleed) is caused by throttling when system power/current hits certain reactive limit, regardless of whether turbo boost is enabled or not. Please refer to Intel's recommended software guidance for cryptographic implementations to address this issue."

Also disclosed today by Intel is MMIO Stale Data as a separate set of CPU vulnerabilities.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week