Watch a technical conference presentation from USENIX Security '24 exploring how data memory-dependent prefetchers (DMPs) can compromise cryptographic implementations. Discover groundbreaking research demonstrating end-to-end attacks on security-critical software using the Apple M-series DMP, revealing vulnerabilities in constant-time cryptographic implementations. Learn how researchers from multiple institutions uncovered that DMPs can activate on any victim program and potentially leak cached pointer-like data, leading to successful attacks on classical cryptography implementations such as OpenSSL Diffie-Hellman Key Exchange and Go RSA decryption, as well as post-quantum schemes including CRYSTALS-Kyber and CRYSTALS-Dilithium. Gain insights into how this research challenges fundamental assumptions about microarchitectural side-channel attack defenses and the security implications for modern processor design.
Syllabus
USENIX Security '24 - GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data...
Taught by
USENIX