Hertzbleed explained
The Hertzbleed attack is a new type of side-channel attack that exploits changes in CPU frequency to compromise cryptographic software. It demonstrates that dynamic voltage and frequency scaling (DVFS), a power management scheme of modern x86 processors, depends on the data being processed. This vulnerability can lead to a different CPU P-state distribution and execution time depending on the input data, potentially allowing an attacker to infer secret information from a program's running time. Cryptographic algorithms that rely on constant-time execution are particularly vulnerable to this type of attack. The Supersingular Isogeny Key Encapsulation (SIKE) protocol is one example of a cryptographic algorithm that can be exploited by Hertzbleed. To mitigate the risk, developers should enforce strict validation of untrusted inputs and consider potential countermeasures against DVFS-based side-channel attacks.
Company: Cloudflare
Date published: June 28, 2022
Author(s): Yingchen Wang, Armando Faz-Hernández
Word count: 3615
Language: English
Hacker News points: 20