Examples
A timing attack watches data movement into and out of the CPU, or memory, on the hardware running the cryptosystem or algorithm. Simply by observing variations in how long it takes to perform cryptographic operations, it might be possible to determine the entire secret key. Such attacks involve statistical analysis of timing measurements, and have been demonstrated across networks.
A power analysis attack can provide even more detailed information by observing the power consumption of a hardware device such as CPU or cryptographic circuit. These attacks are roughly categorized into simple power analysis (SPA) and differential power analysis (DPA).
Fluctuations in current also generate radio waves, enabling attacks that analyze measurements of electromagnetic emanations. These attacks typically involve similar statistical techniques as power analysis attacks.
Non-cryptographic historical analogues to modern side channel attacks are known. A recently declassified NSA document reveals that as far back as 1943, an engineer with Bell telephone observed decipherable spikes on an oscilloscope associated with the decrypted output of a certain encrypting teletype. According to former MI5 officer Peter Wright, the British Security Service analysed emissions from French cipher equipment in the 1960s. In the 1980s, Soviet eavesdroppers were suspected to plant bugs inside IBM Selectric typewriters to monitor the electrical noise generated as the type ball rotated and pitched to strike the paper; the characteristics of those signals could determine which key was pressed.
Power consumption of devices causes heating, which is offset by cooling effects. Temperature changes create thermally induced mechanical stress. That stress appears can create low level acoustic (i.e. noise) emissions from operating CPUs (about 10 kHz in some cases). Recent research by Shamir et al. has suggested that information about the operation of cryptosystems and algorithms can be obtained in this way as well. This is an acoustic attack; if the surface of the CPU chip, or in some cases the CPU package, can be observed, infrared images can also provide information about the code being executed on the CPU, known as a thermal imaging attack.
Read more about this topic: Side Channel Attack
Famous quotes containing the word examples:
“It is hardly to be believed how spiritual reflections when mixed with a little physics can hold people’s attention and give them a livelier idea of God than do the often ill-applied examples of his wrath.”
—G.C. (Georg Christoph)
“No rules exist, and examples are simply life-savers answering the appeals of rules making vain attempts to exist.”
—André Breton (1896–1966)
“Histories are more full of examples of the fidelity of dogs than of friends.”
—Alexander Pope (1688–1744)