Side-Channel Attack

Side-Channel Attack

In computer security, a side-channel attack is any attack based on information gained from the implementation of a computer system, rather then weaknesses in the implemented algorithm itself (e.g. cryptanalysis and software bugs).

Timing information, power consumption, eletromagnetic leaks or even sound can provide an extra source of information, which can be exploited to break the system. Some side-channel attacks require technical knowledge of the internal opeartion of the system, although others such as differential power analysis are effective as black-box attacks.

Attempts to break a cryptosystem by deceiving or coerching people with legitimate access are not typically considered side-channel attacks.

General

General classes of side channel attack include:

- Cache attack - attacks based on attacker's ability to monitor cache accesses made by the victim in a shared physical system as in virtualized environment or a type of cloud service.

- Timing attack - attacks based on measuring how much time various computations (such as, say, comparing an attacker's given password with the victim's unknown one) take to perform.

- Power-monitoring attack - attacks that make use of varying power consumption by the hardware duting computation.

- Electromagnetic attack - attacks based on leaked electromagnetic radiation, which can directly provide plaintexts and other information. Such measurements can be used to infer cryptographic keys using techniques equivalent to those in power analysis or can be used in non-cryptographic attack.

In all cases, the underlying principle is that physical effects caused by the operation of a cryptosystem (on the side) can provide useful extra information about secrets in the system, for example, teh cryptographic key, partial state infomation, full or partial plaintexts and so forth.