Apple Chips Found to Have a Security Vulnerability; Wallet Keys Could Be Leaked

Crypto News | 2024-04-22 02:51:59

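Author: Felix; Source: PANews

On March 21, academic researchers said they had discovered a new security vulnerability in Apple's M-series chips. The vulnerability allows attackers to extract secret keys from Mac computers while they perform widely used cryptographic operations. It cannot be fixed by patching the chips directly and can only be addressed in third-party cryptographic software, which may cause a significant drop in performance.

According to the researchers' tests, the vulnerability threatens multiple cryptographic implementations. Keys have so far been extracted from OpenSSL Diffie-Hellman, Go RSA, and CRYSTALS Kyber and Dilithium.

Attackers can steal keys

The vulnerability stems from the Data Memory-Dependent Prefetcher (DMP), which predicts the memory addresses that are about to be accessed in order to improve processor efficiency.

However, the DMP sometimes mistakes sensitive data such as key material for memory address pointers. By manipulating intermediate data in a cryptographic algorithm so that it looks like an address under specific inputs, an attacker can use this DMP behaviour to leak key information indirectly. The attack does not break the key immediately, but it can be repeated until the key is exposed.

The researchers say the attack works against both classical cryptographic algorithms and the latest quantum-hardened algorithms.

As for its effectiveness, the researchers' test application was able to extract a 2048-bit RSA key in less than an hour, while extracting a 2048-bit Diffie-Hellman key took just over two hours. Excluding offline processing time, obtaining a Dilithium-2 key took ten hours.

The Apple chip itself is hard to patch

The main problem with this attack is that, because the flaw is part of the core of Apple Silicon chips, the chip itself cannot be patched; the only option is for third-party cryptographic software to add defences.

The catch is that any mitigation increases the workload required to perform the operations and therefore affects performance. For the M1 and M2 series chips in particular, this performance drop may be more pronounced.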
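One software-side defence of the kind described above is input blinding, shown here for RSA as an added example; it is not code from the article or from the researchers, and the article itself does not name a specific mitigation. The toy key, function names and sample message are constructed for illustration, and Python's `pow` is not a constant-time implementation.

```python
import math
import secrets

# Constructed toy key for illustration only (two Mersenne primes; far too small for real use).
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def decrypt_plain(c):
    """Unblinded RSA: the caller-supplied value c is the exponentiation base."""
    return pow(c, D, N)


def blind(c):
    """Return (blinded ciphertext, r) with r fresh, random and invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (c * pow(r, E, N)) % N, r


def decrypt_blinded(c):
    """Blinded RSA: exponentiate c * r^E, then strip r from the result.

    (c * r^E)^D = c^D * r (mod N), so multiplying by r^-1 recovers c^D.
    Returns (plaintext, base actually fed to the private-key operation).
    """
    base, r = blind(c)
    m = (pow(base, D, N) * pow(r, -1, N)) % N
    return m, base


if __name__ == "__main__":
    message = int.from_bytes(b"wallet key demo", "big")  # constructed sample input
    c = pow(message, E, N)
    m1, base1 = decrypt_blinded(c)
    m2, base2 = decrypt_blinded(c)
    print("same plaintext:", m1 == m2 == decrypt_plain(c) == message)
    print("base differs from chosen ciphertext:", base1 != c and base2 != c)
    print("base differs between calls:", base1 != base2)
```

Because the private-key operation runs on a freshly randomised base, a chosen ciphertext no longer determines the intermediate values. Each blinded decryption costs an extra public-exponent exponentiation and a modular inverse, which is the kind of added workload the article refers to.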

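Apple declined to comment on the matter. The researchers say they made a responsible disclosure to Apple before publishing their report, notifying the company on December 5, 2023.

Users and software developers may need to watch closely for future Apple updates and mitigations related to this vulnerability in macOS and other operating systems.

Chip vulnerabilities keep surfacing

It is worth noting that in 2022 some researchers had already pointed out a vulnerability in the DMP of Apple chips, named "Augury". At the time, the Augury vulnerability was not considered to pose a significant threat.

In addition, researchers at the Massachusetts Institute of Technology discovered an unpatchable vulnerability named "PACMAN" in 2022, which uses the pointer authentication process to create a side-channel attack.

Chip vulnerabilities can be a big problem for device manufacturers, especially when they force changes to operating systems and software.

In 2018, the Meltdown and Spectre chip vulnerabilities were discovered, affecting all Mac and iOS devices as well as almost every x86 device produced since 1997. These security flaws rely on "speculative execution", in which a chip improves speed by processing multiple instructions at once, or even out of order.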

