Hackers Can Access Cryptographic Private Keys Of Mac Users

Apple recently encountered a critical vulnerability enabling the extraction of sensitive data. Numerous concerns were raised following the discovery of a potentially catastrophic flaw in the Apple M-series chips, which could apparently allow hackers to obtain the cryptographic private keys of Mac users. Without a direct solution, researchers propose an alternative approach, which could severely impact performance.

Vulnerability In M-Series Chips Enables Key Retrieval

The identified vulnerability operates as a side channel, facilitating the retrieval of end-to-end keys during the execution of common cryptographic protocols on Apple chips. Due to its microarchitectural nature, direct patching is not feasible, unlike conventional vulnerabilities.

Instead, the report suggests integrating defenses into third-party cryptographic software as a solution. However, this method might significantly impact the performance of M-series chips during cryptographic tasks, particularly noticeable in earlier generations like M1 and M2.

The researchers further explain that the vulnerability is exploited when both the targeted cryptographic operation and a malicious application, operating with standard user system privileges, are processed on the same CPU cluster.

The key insight is that while the DMP only dereferences pointers, an attacker can craft program inputs so that when those inputs mix with cryptographic secrets, the resulting intermediate state can be engineered to look like a pointer if and only if the secret satisfies an attacker-chosen predicate.

The GoFetch Exploit

The latest research reveals an overlooked issue concerning DMPs within Apple silicon. In specific scenarios, these DMPs misinterpret memory content, including critical key material, as the pointer value used for loading other data. Consequently, the DMP frequently accesses and interprets this data as an address, leading to memory access attempts, as explained by the team of researchers.

This process, termed dereferencing of pointers, involves reading data and inadvertently leaking it through a side channel, representing a clear breach of the constant-time paradigm. The researchers identify the exploit as GoFetch, operating under the same user privileges as most third-party applications, targeting vulnerabilities in clusters of M-series chips. It affects both classical and quantum-resistant encryption algorithms, with extraction times varying between minutes to hours depending on the key size.

Press Release