"Collide+Power Vulnerability Leaks Secrets Bit by Bit"

Researchers in Austria and Germany have developed a power-monitoring side-channel attack that exposes sensitive data on modern computer chips. The Collide+Power attack analyzes the processor's power consumption to determine the contents of the CPU cache memory. It may expose encryption keys and other identifiers if an attacker has persistent access to the victim's hardware or to a cloud computing environment that shares hardware between tenants. The technique is described in a paper titled "Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels." Collide+Power is based on measuring how power usage varies when processing known data from the attacker and unknown data from the victim, and then inferring the unknown data based on differences between these measurements. This article continues to discuss the Collide+Power attack. 

The Register reports "Collide+Power Vulnerability Leaks Secrets Bit by Bit"