Hertzbleed explained
Blog post from Cloudflare
The Hertzbleed attack is a new type of side-channel attack that exploits changes in CPU frequency to compromise cryptographic software. It demonstrates that dynamic voltage and frequency scaling (DVFS), a power management scheme of modern x86 processors, depends on the data being processed. This vulnerability can lead to different CPU P-state distribution and execution time depending on the input data, potentially allowing an attacker to infer secret information from program's running time. Cryptographic algorithms that rely on constant-time execution are particularly vulnerable to this type of attack. The Supersingular Isogeny Key Encapsulation (SIKE) protocol is one example of a cryptographic algorithm that can be exploited by Hertzbleed. To mitigate the risk, developers should enforce strict validation of untrusted inputs and consider potential countermeasures against DVFS-based side-channel attacks.
No tracked trend matches for this post yet.
Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.