Hertzbleed exploit uses turbo boost to steal cryptographic keys

by Maximilian Hohm
The new Hertzbleed exploit uses the boost behavior of modern processors to steal cryptographic keys. AMD and Intel have acknowledged the problem and are working on solutions. Although fixing the exploit will cost performance, the vendors consider a practical attack highly unlikely and of little use. Read more about this below.

Spectre and Meltdown were and are issues in AMD’s, Arm’s and Intel’s processors through which knowledgeable users could theoretically steal data by accessing the affected processor’s cache. These gaps have been closed with updates as far as possible, but there is never absolute security, as the new so-called “Hertzbleed” exploit now shows. It uses a modern feature that gamers and everyday users alike rely on: the CPU boost.


Processors of all current series from AMD and Intel have this technology, which is meant to optimize performance for the user while at the same time ensuring maximum efficiency. However, the boost behavior of the processors can apparently be used to infer, from the power consumption, which cryptographic operation the processor is currently performing, and important AES keys can be extracted as a result. The precise technology involved is “Dynamic Voltage Frequency Scaling” (DVFS), which all current processors have.


If this information is logged for long enough, it can be converted into timing data that can be used for extraction. Both AMD and Intel have already acknowledged the problem and track it as CVE-2022-24436 and Intel-SA-00698 (Intel) and CVE-2022-23823 (AMD). All Intel processors and AMD’s Zen 2 and Zen 3 are affected. Physical access to the computer is not needed to exploit it.
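The two paragraphs above describe the chain that makes Hertzbleed work: the data being processed changes power draw, DVFS changes the clock frequency in response to power draw, and so the wall-clock time of an operation that always takes the same number of cycles ends up depending on the data, provided enough measurements are logged to average out noise. The following toy simulation, an added example that is not code from the article or from the Hertzbleed researchers, models that chain with made-up parameters (power proportional to the Hamming weight of an operand, a single throttling step, Gaussian measurement noise). The `dvfs_enabled=False` case stands in for a fix that removes the frequency dependence and shows the timing gap vanishing.

```python
"""Toy model of the Hertzbleed mechanism (constructed example, invented parameters).

Under DVFS the clock frequency depends on power draw, power draw depends on the
data being processed, so wall-clock time leaks data even when the cycle count
is constant. Nothing here touches real hardware.
"""
import random
import statistics

BOOST_FREQ_GHZ = 4.0      # assumed: frequency while under the power budget
THROTTLED_FREQ_GHZ = 3.5  # assumed: frequency after DVFS steps the clock down
POWER_BUDGET = 20.0       # assumed: arbitrary power units at which DVFS throttles
CYCLES_PER_OP = 1000      # the modelled operation always takes exactly this many cycles
NOISE_SIGMA_NS = 50.0     # assumed: Gaussian measurement noise per timing sample


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def model_power(operand: int) -> float:
    """Assumed power model: switching activity, and thus power, grows with set bits."""
    return 0.5 * hamming_weight(operand)


def model_frequency_ghz(power: float, dvfs_enabled: bool) -> float:
    """DVFS lowers the clock when power exceeds the budget; with DVFS off it stays fixed."""
    if dvfs_enabled and power > POWER_BUDGET:
        return THROTTLED_FREQ_GHZ
    return BOOST_FREQ_GHZ


def sample_times_ns(operand: int, dvfs_enabled: bool, samples: int, seed: int) -> list:
    """Time the constant-cycle operation many times; only the frequency varies."""
    rng = random.Random(seed)
    freq = model_frequency_ghz(model_power(operand), dvfs_enabled)
    ideal_ns = CYCLES_PER_OP / freq  # cycles divided by cycles-per-nanosecond
    return [ideal_ns + rng.gauss(0.0, NOISE_SIGMA_NS) for _ in range(samples)]


def _gap_and_stderr(low: int, high: int, dvfs_enabled: bool, samples: int):
    t_low = sample_times_ns(low, dvfs_enabled, samples, seed=1)
    t_high = sample_times_ns(high, dvfs_enabled, samples, seed=2)
    gap = statistics.fmean(t_high) - statistics.fmean(t_low)
    stderr = (statistics.variance(t_low) / samples + statistics.variance(t_high) / samples) ** 0.5
    return gap, stderr


def timing_gap_ns(low: int, high: int, dvfs_enabled: bool, samples: int) -> float:
    """Mean time difference between a high-weight and a low-weight operand."""
    return _gap_and_stderr(low, high, dvfs_enabled, samples)[0]


def distinguishable(low: int, high: int, dvfs_enabled: bool, samples: int) -> bool:
    """True once the gap exceeds three standard errors, i.e. enough samples were logged."""
    gap, stderr = _gap_and_stderr(low, high, dvfs_enabled, samples)
    return abs(gap) > 3 * stderr


if __name__ == "__main__":
    LOW, HIGH = 0x1, 0xFFFFFFFFFFFFFFFF  # constructed 64-bit operands: 1 vs 64 set bits
    for n in (10, 100, 1000, 10000):
        gap = timing_gap_ns(LOW, HIGH, True, n)
        print(f"DVFS on,  {n:>5} samples: gap {gap:6.1f} ns, distinguishable={distinguishable(LOW, HIGH, True, n)}")
    print(f"DVFS off, 10000 samples: gap {timing_gap_ns(LOW, HIGH, False, 10000):6.1f} ns")
```

With these parameters the ideal gap is 1000/3.5 − 1000/4.0 ≈ 35.7 ns, buried under 50 ns of per-sample noise; it only becomes statistically visible after many samples, which is the "logged long enough" condition the article mentions. Disabling the frequency dependence removes the gap entirely, which is why a fix that pins the clock costs boost performance.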

Both AMD and Intel are planning microcode modifications as quickly as possible to prevent the problem. However, a partial all-clear can be given: according to Intel’s engineers, such an extraction would take several hours in the real world and is totally impractical. More interesting, however, is the question of how much performance the corresponding microcode updates will cost.

Source: TechPowerUp

Reference: www.pcgameshardware.de