An international team of security boffins, including experts from the University of Birmingham, have discovered new vulnerabilities in Intel processors.
This category of attacks, dubbed PLATYPUS, exploits fluctuations in a device’s power consumption to extract sensitive data such as cryptographic keys.
These attacks were difficult to execute as they required accurate power measurements which were difficult to execute using malware. That is why attackers were known to require physical access to the target device, and measurement tools – such as an oscilloscope.
However, new research by the Graz University of Technology, which partnered with the University of Birmingham and the Helmholtz Center for Information Security (CISPA), uncovers a method that makes it possible to access sensitive data using power side-channel attacks with unprecedented accuracy – even without physical access.