Academic researchers have revealed a newly discovered vulnerability in Apple’s M-series chips that allows attackers to extract secret keys from Macs during widely used cryptographic operations. The flaw, a side channel that permits end-to-end key extraction, cannot be patched directly because it is rooted in the microarchitectural design of the silicon itself. Instead, it can only be mitigated by integrating defenses into third-party cryptographic software, potentially at a significant performance cost on M-series chips, particularly the earlier M1 and M2 generations.
The vulnerability can be exploited when the targeted cryptographic operation and a malicious application with normal user privileges run on the same CPU cluster. The threat lies in the chips’ data memory-dependent prefetcher (DMP), a hardware optimization that predicts the memory addresses of data likely to be accessed in the near future. While it reduces latency between main memory and the CPU, the DMP opens a side channel that malicious processes can probe to obtain secret key material from cryptographic operations.
Security experts have long known that classical prefetchers create a side channel that malicious processes can exploit to obtain secret key material from cryptographic operations. In response, cryptographic engineers developed constant-time programming, which ensures that all operations take the same amount of time to complete, regardless of their operands.
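The constant-time discipline described above, as an added example (not code from the researchers or from any cryptographic library): an early-exit byte comparison next to a constant-time one, with a step counter standing in for elapsed time so the difference is deterministic. The key bytes, function names and the `make_guess` helper are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define KEY_LEN 8
/* Constructed sample secret, for illustration only. */
static const uint8_t SECRET[KEY_LEN] = { 0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xbd, 0x16 };

/* Early-exit compare: stops at the first mismatch, so the work done (counted
 * in *steps as a stand-in for time) depends on the operands. */
static int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-time compare: always reads all n bytes; no branch or memory index
 * depends on the data, and the result is derived without a branch. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return (int)((((uint32_t)diff - 1u) >> 8) & 1u); /* 1 only if diff == 0 */
}

/* Hypothetical helper: a guess whose first `matching` bytes equal SECRET. */
static void make_guess(uint8_t *out, size_t matching)
{
    for (size_t i = 0; i < KEY_LEN; i++)
        out[i] = (i < matching) ? SECRET[i] : (uint8_t)(SECRET[i] ^ 0xff);
}

int main(void)
{
    uint8_t g[KEY_LEN];
    size_t ls, cs;
    for (size_t m = 0; m <= KEY_LEN; m += 2) {
        make_guess(g, m);
        leaky_equal(SECRET, g, KEY_LEN, &ls);
        ct_equal(SECRET, g, KEY_LEN, &cs);
        printf("matching=%2zu leaky_steps=%2zu ct_steps=%2zu\n", m, ls, cs);
    }
    return 0;
}
```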
The breakthrough of the new research is that it exposes a previously overlooked behavior of DMPs in Apple silicon: they sometimes confuse memory content, such as key material, with the pointer value used to load other data. This ‘dereferencing’ of ‘pointers’ (reading the data and leaking it through a side channel) is a significant violation of the constant-time approach.
Fixing this newly discovered vulnerability is expected to have a major impact on the performance of M-series chips, because the defenses must be integrated into third-party cryptographic software. The implications of this security flaw in Apple’s chips are significant, and the tech giant will likely need to address the issue with urgency to prevent potential exploitation by attackers.