Abstract: International audience; Besides cryptographic secrets, software-based side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences. These attacks have also been demonstrated in JavaScript embedded in websites by a remote attacker. We extend the state-of-the-art with a new interrupt-based attack and the first Prime+ Probe attack on kernel interrupt handlers. Previously proposed countermeasures fail to pre...
(read more)
Topics: 
Computer security
Operating system
Embedded system