Abstract
   Power side-channel attacks exploit data-dependent varia-
   tions in a CPU’s power consumption to leak secrets. In this
   paper, we show that on modern Intel (and AMD) x86 CPUs,
   power side-channel attacks can be turned into timing attacks
   that can be mounted without access to any power measure-
   ment interface. Our discovery is enabled by dynamic voltage
   and frequency scaling (DVFS). We find that, under certain
   circumstances, DVFS-induced variations in CPU frequency
   depend on the current power consumption (and hence, data)
   at the granularity of milliseconds. Making matters worse,
   these variations can be observed by a remote attacker, since
   frequency differences translate to wall time differences!
   The frequency side channel is theoretically more powerful
   than the software side channels considered in cryptographic
   engineering practice today, but it is difficult to exploit because
   it has a coarse granularity. Yet, we show that this new channel
   is a real threat to the security of cryptographic software. First,
   we reverse engineer the dependency between data, power,
   and frequency on a modern x86 CPU—finding, among other
   things, that differences as seemingly minute as a set bit’s
   position in a word can be distinguished through frequency
   changes. Second, we describe a novel chosen-ciphertext at-
   tack against (constant-time implementations of) SIKE, a post-
   quantum key encapsulation mechanism, that amplifies a sin-
   gle key-bit guess into many thousands of high- or low-power
   operations, allowing full key extraction via remote timing.