🤖 AI Summary
Conventional power side-channel attacks rely on complete power traces, extensive preprocessing, and external synchronization, limiting practicality and accessibility.

Method: This work introduces a novel physical side-channel attack leveraging transient power spikes induced by kernel-level sleep-triggered context switches. It uniquely exploits residual power characteristics from preceding program execution to construct a lightweight side-channel source. Crucially, the attack infers execution states from a single peak amplitude measurement, eliminating the need for trace alignment or signal filtering.

Contribution/Results: By modeling the correlation among context switching, residual power, and cryptographic operations, the method successfully recovers secret keys from AES and SIKE implementations on the BCM2711 platform. This significantly lowers the barrier to entry for physical side-channel attacks and expands the attack surface to the operating system level, demonstrating, for the first time, that context-switch transients constitute a viable, low-overhead side channel.
📝 Abstract
Context switching is utilized by operating systems to change the execution context between application programs. It involves saving and restoring the states of multiple registers and performing a pipeline flush to remove any pre-fetched instructions, leading to a higher instantaneous power consumption compared to typical program execution. In this paper, we introduce a physical power side-channel leakage source that exploits the power spike observed during a context switch, triggered by the inbuilt sleep function of the system kernel. We observed that this power spike directly correlates with both the power consumption during context switching and the residual power consumption of the previously executed program. Notably, the persistence of residual power signatures from previous workloads extends the scope of this side-channel beyond extracting the data in registers during the context switch. Unlike traditional approaches that require analyzing full power traces, applying complex preprocessing, or relying on external synchronization triggers, this novel technique leverages only the amplitude of a single power spike, significantly simplifying the attack. We developed a power model to illustrate the feasibility of mounting end-to-end side-channel attacks using the sleep-induced power spikes. Experimental evaluation demonstrates that our framework can successfully perform cryptographic key recovery for both AES and SIKE implementations on Broadcom BCM2711.