GoFetch: New side-channel attack using data memory-dependent prefetchers

GoFetch is a microarchitectural side-channel attack on Apple silicon that abuses the data memory-dependent prefetcher (DMP) to extract secret keys from constant-time cryptographic implementations. The DMP inspects data that a program has loaded, and when a value looks like a pointer into mapped memory it dereferences it and pulls the target into the cache. Because the prefetch depends on the contents of memory rather than only on the addresses the program touches, an implementation with no secret-dependent branches or memory accesses still leaks whether a secret-dependent intermediate value happens to look like a pointer, and an attacker on the same core can observe that prefetch with a cache-timing probe. By crafting chosen inputs so that an intermediate value becomes pointer-shaped only when a guess about some secret bits is correct, the attack recovers a key piece by piece. The researchers demonstrate end-to-end key extraction against classical implementations (OpenSSL Diffie-Hellman and Go RSA) and post-quantum ones (CRYSTALS-Kyber and CRYSTALS-Dilithium). Intel's Raptor Lake processors have a DMP with similar functionality, but its activation criteria are more restrictive. The attack was tested on Apple M1, and the M2 and M3 were found to have comparably exploitable DMPs. Suggested mitigations include software updates to cryptographic libraries, setting CPU control bits that disable the DMP (on M3, the data-independent timing (DIT) bit), and input blinding in cryptographic schemes so that secret-dependent intermediates are never attacker-controlled. The researchers will release more information soon, including a logo released under a CC0 license. The vulnerability was disclosed to Apple 107 days before publication.
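The chosen-input structure described above, modelled as a small Python toy. This is an added example written for this summary, not code from the GoFetch researchers or from any affected library. The DMP is an abstraction (a prefetcher that dereferences any intermediate value in victim memory that falls into an assumed mapped region and reveals the touched cache line to a prime+probe observer), the victim is a constant-time square-and-multiply over a 61-bit safe prime found at startup, and the mapped-region bounds, key length and secret exponent are all constructed. The attacker never sees the victim's output; it learns each exponent bit only from which cache line the prefetcher touched. The example goes one step beyond the summary by also running the attack against a victim that applies input blinding, the mitigation the page mentions, to show why it works.

```python
"""Toy model of the GoFetch chosen-input attack on a constant-time modular exponentiation.

Everything here is constructed for illustration: the DMP is an abstraction, the modulus is
a freshly searched 61-bit safe prime, and the key length, memory layout and secret exponent
are made up. Requires Python 3.8+ (pow with a negative exponent).
"""
import random

BITS = 40                         # assumed length of the secret exponent (top bit set)
SECRET = 0xB7E15D2A9C             # constructed 40-bit secret exponent
HEAP_BASE = 0x1000_0000_0000      # assumed mapped region: words in this range look like pointers
HEAP_SIZE = 1 << 20
LINE = 64                         # cache-line size; prime+probe observes at this granularity


def is_probable_prime(n):
    """Deterministic Miller-Rabin for n < 3.3e24 (bases up to 37)."""
    if n < 2:
        return False
    bases = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_from(start):
    """Smallest safe prime p = 2q + 1 with q >= start; then gcd(e, p - 1) == 1 for every odd e < q."""
    q = start | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1


P = safe_prime_from(1 << 59)      # 61-bit modulus, a safe prime like the ones used for Diffie-Hellman groups


class ToyDMP:
    """Prefetcher abstraction: any intermediate the victim writes that falls inside the mapped
    region is dereferenced, and the cache line it lands on becomes visible to a prime+probe observer."""

    def __init__(self):
        self.touched = set()

    def scan(self, word):
        if HEAP_BASE <= word < HEAP_BASE + HEAP_SIZE:
            self.touched.add(word // LINE)


class Victim:
    """Constant-time left-to-right square-and-multiply: no secret-dependent branch or memory access."""

    def __init__(self, d, dmp, blind=False):
        self.d, self.dmp, self.blind = d, dmp, blind

    def modexp(self, x):
        r = 1
        if self.blind:
            r = random.randrange(2, P - 1)
            x = x * r % P                 # input blinding: intermediates now depend on r, which the attacker never sees
        acc = 1
        for i in range(BITS - 1, -1, -1):
            acc = acc * acc % P
            mult = acc * x % P
            mask = -((self.d >> i) & 1)   # 0 or -1: a constant-time select instead of a branch
            acc = (mult & mask) | (acc & ~mask)
            self.dmp.scan(acc)            # acc is written back to memory, where the DMP inspects it
        return acc * pow(r, -self.d, P) % P   # unblind: (x*r)^d * r^-d = x^d (no-op when r == 1)


def attack(blind=False):
    """Recover the exponent bit by bit using only the DMP side channel; the result x^d is never seen."""
    dmp = ToyDMP()
    victim = Victim(SECRET, dmp, blind)
    prefix = 1                            # top bit of the exponent assumed set
    for _ in range(BITS - 1):
        e = 2 * prefix + 1                # value of the exponent prefix if the next secret bit is 1
        target = HEAP_BASE + LINE * random.randrange(HEAP_SIZE // LINE)
        x = pow(target, pow(e, -1, P - 1), P)   # e-th root: x^e == target, so the ladder hits target iff bit == 1
        dmp.touched.clear()               # prime
        victim.modexp(x)
        bit = int(target // LINE in dmp.touched)   # probe
        prefix = 2 * prefix + bit
    return prefix


if __name__ == "__main__":
    print(f"modulus p = {P:#x}")
    print(f"unblinded victim: recovered {attack():#x}, secret {SECRET:#x}")
    print(f"blinded victim:   recovered {attack(blind=True):#x}, secret {SECRET:#x}")
```

Against the unblinded victim the recovery is exact: with a safe-prime modulus every element other than 1 and p-1 has order q or 2q, so an intermediate x^(prefix) can only equal the planted target when the exponent prefix is the guessed value e, and no other ladder step can trigger a false hit. With blinding, the ladder runs on x*r for a random r, so the planted root no longer lands on the target line and the attacker reads every bit as 0, recovering a wrong key; the attacker cannot compensate because r is chosen fresh per call and never leaves the victim.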

https://gofetch.fail
