Mantel, HeikoHeikoMantelSchickel, JohannesJohannesSchickelWeber, AlexandraAlexandraWeberWeber, FriedrichFriedrichWeber2022-10-202022-10-202018-09Lecture Notes in Computer Science 11098 LNCS: 218-239 (2018)http://hdl.handle.net/11420/13824Software-based energy measurement features in contemporary CPUs allow one to track and to limit energy consumption, e.g., for realizing green IT. The security implications of software-based energy measurement, however, are not well understood. In this article, we study such security implications of green IT. More concretely, we show that side-channel attacks can be established using software-based energy measurement at the example of a popular RSA implementation. Using distinguishing experiments, we identify a side-channel vulnerability that enables attackers to distinguish RSA keys by measuring energy consumption. We demonstrate that a surprisingly low number of sample measurements suffices to succeed in an attack with high probability. In contrast to traditional power side-channel attacks, no physical access to hardware is needed. This makes the vulnerabilities particularly serious.enInformatikConference Paper10.1007/978-3-319-99073-6_11Other