Side Channel Analysis Attacks

Reading time: 4 minutes

Side-channel attacks recover secrets by observing physical or micro-architectural "leakage" that is correlated with internal state but is not part of the logical interface of the device. Examples range from measuring the instantaneous current drawn by a smart-card to abusing CPU power-management effects over a network.

Main Leakage Channels

Power Analysis

Simple Power Analysis (SPA)

Observe a single trace and directly associate peaks/valleys with operations (e.g. DES S-boxes).

# ChipWhisperer-husky example – capture one AES trace
from chipwhisperer.capture.api.programmers import STMLink
from chipwhisperer.capture import CWSession
cw = CWSession(project='aes')
trig = cw.scope.trig
cw.connect(cw.capture.scopes[0])
cw.capture.init()
trace = cw.capture.capture_trace()
print(trace.wave)  # numpy array of power samples

Differential/Correlation Power Analysis (DPA/CPA)

Acquire N > 1 000 traces, hypothesise key byte k, compute HW/HD model and correlate with leakage.

import numpy as np
corr = np.corrcoef(leakage_model(k), traces[:,sample])

CPA remains state-of-the-art but machine-learning variants (MLA, deep-learning SCA) now dominate competitions such as ASCAD-v2 (2023).

Electromagnetic Analysis (EMA)

Near-field EM probes (500 MHz–3 GHz) leak identical information to power analysis without inserting shunts. 2024 research demonstrated key recovery at >10 cm from an STM32 using spectrum correlation and low-cost RTL-SDR front-ends.

Timing & Micro-architectural Attacks

Modern CPUs leak secrets through shared resources:

• Hertzbleed (2022) – DVFS frequency scaling correlates with Hamming weight, allowing remote extraction of EdDSA keys.
• Downfall / Gather Data Sampling (Intel, 2023) – transient-execution to read AVX-gather data across SMT threads.
• Zenbleed (AMD, 2023) & Inception (AMD, 2023) – speculative vector mis-prediction leaks registers cross-domain.

Acoustic & Optical Attacks

• 2024 "​iLeakKeys" showed 95 % accuracy recovering laptop keystrokes from a smart-phone microphone over Zoom using a CNN classifier.
• High-speed photodiodes capture DDR4 activity LED and reconstruct AES round keys within <1 minute (BlackHat 2023).

Fault Injection & Differential Fault Analysis (DFA)

Combining faults with side-channel leakage shortcuts key search (e.g. 1-trace AES DFA). Recent hobbyist-priced tools:

• ChipSHOUTER & PicoEMP – sub-1 ns electromagnetic pulse glitching.
• GlitchKit-R5 (2025) – open-source clock/voltage glitch platform supporting RISC-V SoCs.

Typical Attack Workflow

1. Identify leakage channel & mount point (VCC pin, decoupling cap, near-field spot).
2. Insert trigger (GPIO or pattern-based).
3. Collect >1 k traces with proper sampling/filters.
4. Pre-process (alignment, mean removal, LP/HP filter, wavelet, PCA).
5. Statistical or ML key recovery (CPA, MIA, DL-SCA).
6. Validate and iterate on outliers.

Defences & Hardening

• Constant-time implementations & memory-hard algorithms.
• Masking/shuffling – split secrets into random shares; first-order resistance certified by TVLA.
• Hiding – on-chip voltage regulators, randomised clock, dual-rail logic, EM shields.
• Fault detection – redundant computation, threshold signatures.
• Operational – disable DVFS/turbo in crypto kernels, isolate SMT, prohibit co-location in multi-tenant clouds.

Tools & Frameworks

• ChipWhisperer-Husky (2024) – 500 MS/s scope + Cortex-M trigger; Python API as above.
• Riscure Inspector & FI – commercial, supports automated leakage assessment (TVLA-2.0).
• scaaml – TensorFlow-based deep-learning SCA library (v1.2 – 2025).
• pyecsca – ANSSI open-source ECC SCA framework.

References

• ChipWhisperer Documentation
• Hertzbleed Attack Paper