☠️ If you own Bitcoin or cryptoshitcoins, use AMD or INTEL then you should read

[Ayazura]

☠️ If you own Bitcoin or cryptoshitcoins, use AMD or INTEL then you should read this....

Scientists from the University of Texas at Austin, the University of Illinois at Urbana-Champaign and the University of Washington say that attackers can use a vulnerability called "Hertzleed" to gain access to private keys in cryptographic libraries.

The problem has been identified in Intel's 8th to 11th generation desktop and laptop chips based on the Core microarchitecture, as well as AMD Ryzen chips based on the Zen 2 and Zen 3 architectures. The vulnerability was reported by Tom's Hardware Computer Division.

Earlier this year, Intel introduced its own processor for cryptocurrency mining.

Hertzleed attack

Hertzbleed is a new type of side-channel attack based on dynamic frequency management features (hence the name: Hertz (Hertz) and bleed (data suppression)). The study states:

"In the worst case, these attacks allow access to cryptographic keys on remote servers by analysing the computation time in cryptographic libraries. Previously, these libraries were considered hacker-proof.

The Hertzbleed attack analyses the dynamic frequency under various workloads and breaks the encryption by guessing and manipulating the ciphertext.

Dynamic frequency and voltage scaling (DVFS) is a feature that reduces power consumption. However, attackers can understand the difference in power consumption by analysing the server response time to certain requests.

"Hertzbleed is a real and practically possible security threat," the researchers noted.


How to protect yourself

Intel and AMD currently have no plans to deploy Hertzleed firmware patches, but there are steps users can take themselves.

Chip manufacturers advise disabling dynamic frequency control to protect against Hertzbleed. On Intel processors it is called Turbo Boost, and on AMD it is called Turbo Core or Precision Boost. Companies are confident that this will not affect processor performance.

According to senior director of public relations and incident response Jerry Bryant, this attack has no practical application outside the lab, as it would take an hour or even days to steal the keys. He also added that "cryptographic solutions that are immune to side-channel power analysis attacks are not affected by this vulnerability.


https://www.tomshardware.com/news/intel-amd-hertzbleed-cpu-vulnerability-boost-clock-speed-steal-crypto-keys/
https://www.reddit.com/r/bitcoincashSV/comments/vdlsv2/if_you_own_bitcoin_or_cryptoshitcoins_use_amd_or/

[1715459979]

1715459979

[1715459979]

1715459979

[1715459979]

1715459979

[1715459979]

1715459979

[1715459979]

1715459979

[1715459979]

1715459979

[Husires]

So far, it is not a vulnerability, but rather an exploit for dynamic frequency scaling, which is used to save power and to ensure that the system stays below the temperature limits. in encryption.

It was reported in the third quarter of 2021 and we have not heard of a confirmed hacking case, so in theory you are in danger, but it is not a direct threat.

[Bitcoin_Arena]

Hahaha you really couldn't help it but share BSV reddit link on a Bitcoin discussion forum, could you? To make matters more interesting, another BSV shill replied to bump the thread after you posted, and it got ignored. I know you are alts but let's just say, "BSV fans, very amusing!!!"

Secondly, who in their right mind even uses a regular computer that connects to the internet to store lots of crypto  
It's fair for small amounts, but not your big stash or long term HODL.

[franky1]

here is the thing though..
if a hacker has to have monitoring software at CPU flop/cycle level on a remote victims PC(one of the requirements to do the exploit). and have to do alot of brute forcing on the victims pc of key generation to then find a frequency pattern of what a key generation looks like.. and comparison  of data to try finding a key.. flowing through a cpu.. and snipping out the useful data compared to the other data a CPU multitasks with..

.. he might aswell just put a keylogger or screen snapshot trojan on your system instead..

[DaveF]

.. he might aswell just put a keylogger or screen snapshot trojan on your system instead..

I have been saying things like that for years. If you spend all your time worrying about these types of attacks, you are going to wind up doing so many bizarre things to attempt to mitigate them that you are probably going to make it worse.

I really wonder in the end how much more money was lost due to efficiency hits as people disabled all the performance enhancements worrying about Spectre / Meltdown and wound up buying newer machines vs. the potential financial / cost of data loss if they just kept running with them enabled.

-Dave

[NotATether]

Issue does not affect Bitcoin Core. This is the method used for comparing passwords entered inside the client inside strencodings.h:

Code:

/**
 * Timing-attack-resistant comparison.
 * Takes time proportional to length
 * of first argument. 
 */ 
template <typename T>
bool TimingResistantEqual(const T& a, const T& b)                               {
    if (b.size() == 0) return a.size() == 0;
    size_t accumulator = a.size() ^ b.size();
    for (size_t i = 0; i < a.size(); i++) 
        accumulator |= size_t(a[i] ^ b[i%b.size()]);
    return accumulator == 0;
}

This method thwarts power analysis attacks.

I can imagine that libsecp256k1 generates private keys in a similar timing resistant way, so this really only affects other wallets that are using comparison & generation methods in other languages (like Python or JS) that are not hardened against this.

[Thepuj]

I really recommend looking into the full paper: https://www.hertzbleed.com/hertzbleed.pdf

They point to the paper "Luca De Feo, Nadia El Mrabet, Aymeric Genêt, Novak Kalud̄erović, Natacha Linard de Guertechin, Simon Pontié, and Élise Tasso. SIKE channels. Cryptology ePrint Archive, Report 2022/054, 2022." https://eprint.iacr.org/2022/054 which describes the main problem: a zero-value attack on the crypto algorithm. It is possible to construct input data for the algorithm SIKE where it can get on a sequence of all zeros in its calculation. They do describe in section 5 countermeasures.

Only because the selected crypto algorithm generates a sequence of calculations with zeros is there a big difference in CPU calculations, which lead to the CPU changing frequency. I don't see for now a general problem. Nonetheless software developers should be aware of this type of attack.

[ajaxtempest]

Mine are in air gapped raspberry pi 400 with arm x64 arch with broadcom cpu. Ubuntu FTW!