Analyzing Vector Register Usage in Linux Packages to Understand Real-World Impact of Downfall Attack

Computer Science > Cryptography and Security [Submitted on 12 Apr 2026] Analyzing Vector Register Usage in Linux Packages to Understand Real-World Impact of Downfall Attack Yohei Harata, Soramichi Akiyama Downfall is a side-channel attack that leaks values in vector registers from a process to another on the same CPU core. This attack enables an attacker to achieve serious outcomes (e.g., stealing AES keys), and there is no fundamental countermeasure besides applying microcode-based hardware patches. Although the impact of this attack is discussed by the original paper and by Intel to some extent, it is still unclear whether programs used in daily computing activities of normal users are affected by Downfall. This paper thoroughly analyzes the usage of vector registers in widely used applications to assess the impact of Downfall on them. In particular, we collect all packages (over 133~K) provided by the four latest long-term support versions of Ubuntu and measure various metrics on vector instructions. Our findings include that over 60% of all binary files contained in the packages use at least one vector register, and that some highly popular packages such as apt might also be affected by Downfall. Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2604.10648 [cs.CR]   (or arXiv:2604.10648v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2604.10648 Focus to learn more Submission history From: Soramichi Akiyama [view email] [v1] Sun, 12 Apr 2026 13:53:00 UTC (968 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-04 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)