Apple M-series chips have serious security flaw baked in, fix will result in performance hit

A team of researchers has uncovered a serious security vulnerability dubbed “GoFetch” in Apple’s vaunted M-series silicon. The researchers created an app also called GoFetch that can extract keys for cryptography methods including 2048-bit RSA keys, DH-2048, Kyber-512 and Dilithium-2 in timeframes ranging from under an hour to around 10 hours. The flaw is said to particularly affect Apple’s M1 and M2-based chips and exploits what is known as a “side-channel” in the way the chips execute end-to-end key extractions related to typical security related scripts including authentication tasks that require security keys and encryption. 

Apple has made a tool it calls CryptoKit to help make it easier for developers to deploy security controls for their apps, but the issue isn’t with Apple’s software, but with the chips’ microarchitecture. Resultantly, an attacker can extract otherwise secret keys to decrypt data. As the vulnerability is baked into the silicon and the way certain cryptographics tasks are handled, the only way to fix it will be for Apple to issue a software patch. However, as Ars Technica highlights, patching the flaw in this way will result in a significant hit to performance.

The chip-level vulnerability recalls the silicon-level security vulnerabilities like Meltdown and Spectre which affected some Intel, AMD, IBM and some Arm-based chips. In one test, following the application of a patch to address Spectre-V2, an Intel Core i9-12900K (Alder Lake) chip saw performance hits between 14.5% and 26.7%. Apple is yet to officially respond to the researcher’s claims, but the researchers have alerted Apple to the issue and patch should be forthcoming if indeed Apple hasn’t already addressed it.