A group of cybersecurity researchers funded by the Defense Advanced Research Projects Agency (DARPA) and the US Air Force, published an article, which describes techniques for stealing data from Apple and Qualcomm Arm processors, NVIDIA and AMD discrete graphics accelerators, and integrated graphics in Intel and Apple chips. To do this, researchers use a third-party attack that measures certain physical parameters of the device.
Image source: fre
As part of the new concept, the researchers used the information provided by the dynamic frequency and voltage scaling (DVFS) mechanism implemented in many modern chips. DVFS modulates frequency and power in real-time to keep heat dissipation and TDP at acceptable levels, providing either optimal power efficiency or the best performance for the task at hand.
The researchers’ concept involves collecting and analyzing data from the processor’s internal power sensors, temperature and frequency. By keeping one of the three DVFS variables (power, heat, and operating frequency) constant, researchers can control the other two variables. This allows them to determine which instructions are executed, with a precision that allows them to designate different operands of the same instruction.
The good news is that attackers are unlikely to use this technique in practice. Because to collect data from internal sensors, you need direct access to the system. If an attacker gains direct access to the system, they will most likely find an easier way to steal data.
Add Comment