BEGIN:VCALENDAR VERSION:2.0 PRODID:Linklings LLC BEGIN:VTIMEZONE TZID:America/Los_Angeles X-LIC-LOCATION:America/Los_Angeles BEGIN:DAYLIGHT TZOFFSETFROM:-0800 TZOFFSETTO:-0700 TZNAME:PDT DTSTART:19700308T020000 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0700 TZOFFSETTO:-0800 TZNAME:PST DTSTART:19701101T020000 RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20240626T180033Z LOCATION:3012\, 3rd Floor DTSTART;TZID=America/Los_Angeles:20240625T133000 DTEND;TZID=America/Los_Angeles:20240625T134500 UID:dac_DAC 2024_sess156_RESEARCH1733@linklings.com SUMMARY:Uncovering Software-Based Power Side-Channel Attacks on Apple M1/M 2 Systems DESCRIPTION:Research Manuscript\n\nNikhil Chawla, Chen Liu, Abhishek Chakr aborty, Igor Chervatyuk, Thais Moreira Hamasaki, Ke Sun, and Henrique Kawa kami (Intel Corporation)\n\nTraditionally, power side-channel analysis req uires physical access to the target device, as well as specialized devices to measure the power consumption with enough precision.\nRecently researc h has shown that on x86 platforms, on-chip power meter capabilities expose d to a software interface might be used for power side-channel attacks wit hout physical access. In this paper, we show that such software-based powe r side-channel attack is also applicable on Apple silicon (e.g., M1/M2 pla tforms), exploiting the System Management Controller (SMC) and its power-r elated keys, which provides access to the on-chip power meters through a s oftware interface to user space software. \nWe observed data-dependent pow er consumption reporting from such SMC keys and analyzed the correlations between the power consumption and the processed data. Our work also demons trated how an unprivileged user mode application successfully recovers byt es from an AES encryption key from a cryptographic service supported by a kernel mode driver in MacOS. We have also studied the feasibility of perfo rming frequency throttling side-channel attack on Apple silicon. Furthermo re, we discuss the impact of software-based power side-channels in the ind ustry, possible countermeasures, and the overall implications of software interfaces for modern on-chip power management systems.\n\nTopic: Security \n\nKeyword: Hardware Security: Attack and Defense\n\nSession Chairs: Sidd harth Garg (New York University) and Daniel Dinu (Intel Corporation) END:VEVENT END:VCALENDAR