A vulnerability inherent in Intel and AMD processors, used in most laptops, desktops and server computers, could allow attackers to discover private keys in specific cases. The impact of this flaw seems limited for the security of Bitcoin and other cryptocurrencies, but we will explain its characteristics here.
The alert was recently given in the Bitcoin Optech newsletter: American academics had already reported the flaw to Intel, Cloudflare and Microsoft in the third quarter of 2021 and to AMD in the first quarter of 2022. But Intel initially requested that it be kept under embargo until June 14, 2022. The attacker who exploits this flaw would be able to discover private keys when they are used to create signatures, whether for Bitcoin transactions or for any other cryptographic operation.
In order for the vulnerability to be exploited, it would be necessary for the attacker to be able to measure either the power consumption of a CPU chip or the duration of certain parts of the signing operation. Even a secure code specifically designed to always use the same type and the same number of CPU operations (in order to prevent information from leaking to attackers) can be impacted.
Concretely, the attack is based on the energy-saving functions of the processors, which cause the frequency to fluctuate according to the processing needs. Better known by the term dynamic frequency scaling, they ensure that the system remains below the power and thermal limits (during high CPU loads).
At this point, the importance of this vulnerability for Bitcoin users is not yet entirely clear. As such, the vulnerability would be more likely to affect frequently used active wallets, such as those used by hosted services or Lightning Network routing nodes, or in the event of address reuse. Wallets that are mostly or entirely offline or that are used in secure environments would be much more resistant to attacks.
This type of vulnerability is already documented for some wallets, including well-known hardware signature devices: they use a signature generation code potentially vulnerable to power and synchronization analysis. In the end, therefore, it would not change much in this context. In the case of applications with a more secure code, it is possible that developers can put in place additional protections.
It should be emphasized that neither Intel nor AMD plan to deploy micro-code patches, if only to limit the impact of HertzBleed. However, Intel has issued tips to mitigate the vulnerability in software libraries, which can be usefully exploited by developers. A more expeditious approach would be to disable the frequency variation, called “Turbo boost” by Intel and “Turbo Core” by AMD, by intervening directly in the BIOS. This unfortunately comes at the cost of significantly degraded performance.
In practice, the exploitability of this flaw seems extremely reduced and our cryptos can still sleep safely in our wallets !
Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!
Computer entrepreneur and resident in African lands for about fifteen years.
In this uncertain and faltering world, I consider bitcoin and cryptos to be one of the best opportunities in the face of the challenges that await us.