Software-based energy measurement features in contemporary CPUs allow one to track and to limit energy consumption, e.g., for realizing green IT. The security implications of software-based energy measurement, however, are not well understood. In this article, we study such security implications of green IT. More concretely, we show that side-channel attacks can be established using software-based energy measurement at the example of a popular RSA implementation. Using distinguishing experiments, we identify a side-channel vulnerability that enables attackers to distinguish RSA keys by measuring energy consumption. We demonstrate that a surprisingly low number of sample measurements suffices to succeed in an attack with high probability. In contrast to traditional power side-channel attacks, no physical access to hardware is needed. This makes the vulnerabilities particularly serious.
CITATION STYLE
Mantel, H., Schickel, J., Weber, A., & Weber, F. (2018). How secure is green IT? the case of software-based energy side channels. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11098 LNCS, pp. 218–239). Springer Verlag. https://doi.org/10.1007/978-3-319-99073-6_11
Mendeley helps you to discover research relevant for your work.