Zen and the Art of Microcode Hacking

(bughunters.google.com)
68 points nspaced | 4 comments
1. bell-cot No.43270625
> AMD Zen CPUs use an almost standard RSASSA-PKCS1-v1_5 algorithm; however, instead of using one of the recommended hash functions, an alternative that is prone to collisions was selected.

[Etc.]

Sounds like Yet Another Fail for DIY Crypto.

2. ruuda No.43272295
> We noticed that the key from an old Zen 1 CPU was the example key of the NIST SP 800-38B publication (Appendix D.1 2b7e1516 28aed2a6 abf71588 09cf4f3c) and was reused until at least Zen 4 CPUs.

Oops!
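
Added example (not part of the thread or of the linked article): a defender-side check that scans a binary image for the published example key quoted above, so that a test-vector key left in production code is caught before release. The alternate byte layouts, the function names and the sample blob are assumptions constructed for illustration.

```python
"""Flag published test-vector keys embedded in a binary image (added example)."""

# Key quoted in the comment above (NIST SP 800-38B, Appendix D.1).
KNOWN_EXAMPLE_KEYS = {
    "NIST SP 800-38B D.1 AES-128": bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c"),
}


def key_encodings(key: bytes) -> dict:
    """Byte layouts a key may take once compiled in (assumed set, extend as needed)."""
    words = [key[i:i + 4] for i in range(0, len(key), 4)]
    return {
        "as published": key,
        "fully reversed": key[::-1],
        "32-bit words byte-swapped": b"".join(w[::-1] for w in words),
        "ASCII hex (lower)": key.hex().encode(),
        "ASCII hex (upper)": key.hex().upper().encode(),
    }


def scan_image(image: bytes) -> list:
    """Return sorted (offset, key name, encoding) for every occurrence found."""
    hits = []
    for name, key in KNOWN_EXAMPLE_KEYS.items():
        for encoding, needle in key_encodings(key).items():
            start = image.find(needle)
            while start != -1:
                hits.append((start, name, encoding))
                start = image.find(needle, start + 1)
    return sorted(hits)


def build_sample_image() -> bytes:
    """Constructed test blob: padding plus the key in two layouts."""
    key = KNOWN_EXAMPLE_KEYS["NIST SP 800-38B D.1 AES-128"]
    swapped = key_encodings(key)["32-bit words byte-swapped"]
    return b"\x00" * 16 + key + b"\xff" * 8 + swapped + b"\x00" * 4


if __name__ == "__main__":
    for offset, name, encoding in scan_image(build_sample_image()):
        print(f"0x{offset:04x}  {name}  ({encoding})")
```

Adding further published test-vector keys to `KNOWN_EXAMPLE_KEYS` turns this into a release-gate check for firmware or configuration artifacts.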

3. therealcamino No.43280153
This is really interesting just for the details on the microcode mechanisms inside the chip (and there's a link to similar research on Intel chips).