BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.riscv-europe.org//eu-summit-2026//talk//EFXQQP
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-eu-summit-2026-EFXQQP@cfp.riscv-europe.org
DTSTART;TZID=CET:20260609T105000
DTEND;TZID=CET:20260609T110000
DESCRIPTION:Cache timing attacks against AES are well studied on x86 and AR
 M\, but their end-to-end exploitability on commercially deployed RISC-V sy
 stems under realistic OS scheduling is less documented. This paper present
 s an experimental evaluation of a Prime+Probe attack targeting the private
  L1 data cache of a PolarFire SoC RISC-V platform running Linux\, where at
 tacker and victim are independent user-space processes time-multiplexed on
  the same core. We separate three stages\, leakage observability\, cache-s
 et classification\, and key inference\, and show that first-round T-table 
 lookups induce measurable per-set interference enabling reliable inference
  of the most significant 4 bits of AES key bytes. We also find substantial
  cache-set variability highlighting a practical gap between observable lea
 kage and end-to-end exploitability on real RISC-V systems.
DTSTAMP:20260522T163204Z
LOCATION:Poster Island A
SUMMARY:From Leakage to Exploitability: Empirical Study of Cross-Process L1
  Prime+Probe on RISC-V - Fortunelli Gianmarco
URL:https://cfp.riscv-europe.org/eu-summit-2026/talk/EFXQQP/
END:VEVENT
END:VCALENDAR