"In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented..."
Attacks that exploit weaknesses in a system's physical implementation, rather than in its cryptographic algorithms.
Cryptography basics: This covers the study of techniques used to secure communication, such as symmetric and asymmetric encryption, hashing, digital signatures, etc.
Side-channel attacks introduction: This covers the basic concepts of side-channel attacks, such as what they are, how they work, and their potential impact on cryptographic systems.
Power analysis: This is a type of side-channel attack that targets the power consumption patterns of a cryptographic device, such as a smart card or a microchip.
Electromagnetic radiation analysis: This is another type of side-channel attack that targets the electromagnetic radiation emitted by a cryptographic device.
Timing analysis: This is a type of side-channel attack that targets the timing information of a cryptographic device, such as the time taken to perform an encryption operation.
Fault analysis: This is a type of side-channel attack that targets the integrity of a cryptographic algorithm by inducing faults.
Differential Power Analysis (DPA): This is a specific type of power analysis that uses statistical techniques to extract cryptographic keys from a device.
Simple Power Analysis (SPA): This is another type of power analysis that involves directly observing power consumption patterns.
Correlation Power Analysis (CPA): This is a variation of DPA, which measures the correlation between power consumption and a guessed key over a series of power traces.
Template Attacks: This is a powerful form of side-channel attack that helps leverage previous observations of the target device to improve the chances of a successful attack.
Fingerprinting: This technique aims to recognize specific cryptographic operations by looking for specific traces in measurements.
Noise Reduction Techniques: This is a set of techniques that aims to eliminate or reduce the noise in side-channel measurements, so as to improve the chances of a successful attack.
Countermeasures: This covers the various strategies that aim to prevent or mitigate the effects of side-channel attacks, including masking, blinding, shuffling, etc.
Evaluation Metrics: This includes standard metrics used to evaluate the effectiveness of side-channel attacks, such as the success rate, number of measurements required, etc.
Attack Modeling: This covers the various models and assumptions that side-channel attackers make about the target device, such as the number of samples, model of leakage, etc.
Cryptanalysis: This is the study of methods to break cryptosystems, including side-channel attacks, brute force attacks, man-in-the-middle attacks, etc.
Machine Learning: This is an emerging field that aims to use machine learning algorithms to improve the efficiency and effectiveness of side-channel attacks.
Open-source Tools: This covers the various open-source tools available for side-channel analysis, such as ChipWhisperer, Scapy, etc.
Testing and validation: This covers the process of testing and validating cryptographic systems against side-channel attacks.
Power Analysis Attacks: In this type of attack, an attacker observes the power consumption of a device while it performs cryptographic operations. The attacker can then analyze the power traces to extract sensitive information.
Timing Analysis Attacks: This type of attack involves monitoring the time taken by a device to perform cryptographic operations. The attacker can then use this information to deduce the encryption keys or other confidential information.
Electromagnetic Emanations Analysis: This type of attack involves measuring the electromagnetic emissions of a device during cryptographic operations. These emissions can reveal information about the encryption keys and other confidential information.
Acoustic Cryptanalysis: This type of attack involves analyzing the acoustic emissions of a device during cryptographic operations. The attacker can then use these acoustic signals to extract sensitive information.
Optical Cryptanalysis: In this type of attack, an attacker uses specialized optical sensors to capture the light emissions of a device during cryptographic operations. The attacker can then use this information to deduce the encryption keys or other confidential information.
Fault Injection Attacks: This type of attack involves intentionally injecting faults into cryptographic operations to make the device vulnerable to side-channel attacks.
Differential Power Analysis: This type of attack involves analyzing the power consumption of a device to detect any differences between the power consumption of correct and incorrect cryptographic operations.
"...rather than flaws in the design of the protocol or algorithm itself..."
"Timing information, power consumption, electromagnetic leaks, and sound are examples of extra information which could be exploited to facilitate side-channel attacks."
"Some side-channel attacks require technical knowledge of the internal operation of the system, although others such as differential power analysis are effective as black-box attacks."
"The rise of Web 2.0 applications and software-as-a-service has also significantly raised the possibility of side-channel attacks on the web, even when transmissions between a web browser and server are encrypted..."
"No, attempts to break a cryptosystem by deceiving or coercing people with legitimate access are not typically considered side-channel attacks..."
"Cache attack — attacks based on attacker's ability to monitor cache accesses made by the victim in a shared physical system as in a virtualized environment or a type of cloud service."
"Timing attack — attacks based on measuring how much time various computations take to perform."
"Power-monitoring attack — attacks that make use of varying power consumption by the hardware during computation."
"Electromagnetic attack — attacks based on leaked electromagnetic radiation, which can directly provide plaintexts and other information."
"Acoustic cryptanalysis — attacks that exploit sound produced during a computation..."
"Differential fault analysis — in which secrets are discovered by introducing faults in a computation."
"Data remanence — in which sensitive data are read after supposedly having been deleted."
"Software-initiated fault attacks — Currently a rare class of side channels, Row hammer is an example in which off-limits memory can be changed by accessing adjacent memory too often."
"Allowlist — attacks based on the fact that allowlisting devices will behave differently when communicating with allowlisted and non-allowlisted devices. Allowlist-based side channel may be used to track Bluetooth MAC addresses."
"Optical - in which secrets and sensitive data can be read by visual recording using a high-resolution camera or other devices that have such capabilities..."
"The term cryptophthora (secret degradation) is sometimes used to express the degradation of secret key material resulting from side-channel leakage."