Power Analysis Attack
What is Power Analysis Attack?
Power Analysis AttackA side-channel attack that recovers secret keys by measuring fluctuations in the power consumption of a cryptographic device during operations.
Power analysis attacks recover cryptographic secrets from the instantaneous power draw of a chip running an algorithm, exploiting the fact that CMOS transistors consume slightly different power depending on the data they process. Simple Power Analysis (SPA) reads patterns directly from a single trace, for example the square-and-multiply branches in RSA. Differential Power Analysis (DPA), introduced by Paul Kocher, Joshua Jaffe, and Benjamin Jun in 1998, statistically correlates thousands of traces with hypothetical intermediate values to extract AES, DES, or ECC keys. Defences include constant-time and constant-power implementations, masking (Boolean and arithmetic), shuffling, hardware noise sources, and FIPS 140-3 and ISO/IEC 17825 evaluations.
● Examples
- 01
Recovering an AES-128 key from 10,000 power traces of a smart card using CPA.
- 02
Reading RSA key bits directly from a single power trace via SPA when no countermeasures are present.
● Frequently asked questions
What is Power Analysis Attack?
A side-channel attack that recovers secret keys by measuring fluctuations in the power consumption of a cryptographic device during operations. It belongs to the Cryptography category of cybersecurity.
What does Power Analysis Attack mean?
A side-channel attack that recovers secret keys by measuring fluctuations in the power consumption of a cryptographic device during operations.
How does Power Analysis Attack work?
Power analysis attacks recover cryptographic secrets from the instantaneous power draw of a chip running an algorithm, exploiting the fact that CMOS transistors consume slightly different power depending on the data they process. Simple Power Analysis (SPA) reads patterns directly from a single trace, for example the square-and-multiply branches in RSA. Differential Power Analysis (DPA), introduced by Paul Kocher, Joshua Jaffe, and Benjamin Jun in 1998, statistically correlates thousands of traces with hypothetical intermediate values to extract AES, DES, or ECC keys. Defences include constant-time and constant-power implementations, masking (Boolean and arithmetic), shuffling, hardware noise sources, and FIPS 140-3 and ISO/IEC 17825 evaluations.
How do you defend against Power Analysis Attack?
Defences for Power Analysis Attack typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Power Analysis Attack?
Common alternative names include: DPA, SPA, Differential Power Analysis.
● Related terms
- cryptography№ 1139
TEMPEST Attack
Recovery of secret information by capturing unintended electromagnetic, acoustic, or optical emanations from electronic equipment.
- cryptography№ 445
Glitch Attack
A fault-injection technique that briefly perturbs voltage or clock signals to make a chip skip instructions or leak cryptographic secrets.
- cryptography№ 929
RFID Cloning
Copying the identifier or cryptographic data of an RFID tag, such as HID Prox or MIFARE Classic, onto another device to impersonate the original badge.
- cryptography№ 020
AES (Advanced Encryption Standard)
A NIST-standardized 128-bit block cipher with 128-, 192- or 256-bit keys, designed by Daemen and Rijmen and used as the dominant symmetric cipher worldwide.
- vulnerabilities№ 1038
Side-Channel Attack
An attack that recovers secrets from a system by observing physical or implementation characteristics — timing, power, electromagnetic emissions, caches, acoustic signals — rather than logical flaws.