Researchers discover critical vulnerability in Apple M-Series chips


  • A vulnerability in Apple’s M-series chips allows the extraction of cryptographic keys due to a flaw in the chip’s design.
  • The GoFetch attack, developed by researchers, can exploit this vulnerability without needing root access, affecting various types of cryptographic keys.
  • Mitigating this issue requires additional security measures in software, potentially impacting the performance of cryptographic operations on M-series chips.

Academic researchers have identified a new vulnerability within Apple’s M-series chips that could allow attackers to extract cryptographic keys from Mac devices. 

According to technology blog Ars Technica, this flaw is deeply rooted in the microarchitectural design of the silicon, rendering it impossible to rectify through conventional software patches. Instead, mitigating this risk necessitates modifications to third-party encryption software, which may adversely affect the performance of cryptographic operations, particularly on the earlier M1 and M2 chip models.

Mitigation efforts and the challenges

The vulnerability exploits the data memory-dependent prefetcher (DMP), a hardware optimization in Apple’s silicon that aims to improve computing efficiency by preloading anticipated data into the CPU cache. However, this feature inadvertently creates a side channel that could be leveraged to access and leak cryptographic keys. The exploit, dubbed GoFetch by the researchers, is notable for its ability to mine secrets without requiring elevated system privileges, only necessitating the same level of access as most third-party applications on macOS.

GoFetch has been demonstrated to be effective against a range of encryption standards, including those designed to withstand future quantum computing threats. The attack’s efficacy is showcased through its capability to extract various types of cryptographic keys within feasible timeframes, presenting a tangible threat to data security.

Addressing this vulnerability is complex due to its hardware basis. Among the proposed countermeasures is ciphertext blinding, although this method is specific to certain algorithms and could double the computing resources required for processes like Diffie-Hellman key exchanges. Alternatively, running cryptographic operations on the M-series’ efficiency cores, which lack DMP, has been suggested, though this, too, comes with limitations.

This vulnerability highlights the challenges of securing cryptographic operations against microarchitectural side channels. The research team has called for a collective approach to the hardware-software interface to better protect against such vulnerabilities, suggesting mechanisms for selectively disabling the DMP during critical security operations.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Damilola Lawrence

Damilola is a crypto enthusiast, content writer, and journalist. When he is not writing, he spends most of his time reading and keeping tabs on exciting projects in the blockchain space. He also studies the ramifications of Web3 and blockchain development to have a stake in the future economy.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Elon Musk continues to ruin Twitter's legacy, now wants you to pay before you tweet
Subscribe to CryptoPolitan