Novel PACMAN Side-Channel Attack Can Defeat Apple's M1 Chip Defense Against Vulnerabilities

IT service provider of two German energy companies paralyzed by 'hacker attack,' Election equipment in Georgia county may have been compromised, 70+ Indian websites defaced, much more

Photo by Kiryl Sharkouski on Unsplash

Researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) developed a novel side-channel attack called PACMAN that can defeat a feature in Apple’s powerful M1 chip known as pointer authentication, which acts as a last line of defense against typical software vulnerabilities.

The attack demonstrates that pointer authentication can be defeated without leaving a trace. Moreover, PACMAN utilizes a hardware mechanism, so no software patch can ever fix it. The team showed that it's possible to guess a value for the pointer authentication code (PAC) and reveal whether the guess was correct or not via a hardware side channel. Because there are only so many possible values for the PAC, they found that it's possible to try them all to find the correct one.

However, PACMAN can only take an existing bug …