Side-Channel Power Analysis Series - Part 1 of 7
You are at the beginning. No prior hardware hacking knowledge needed.
| Part | Title | Status |
|---|---|---|
| 1 — You are here | The Gap Between Mathematical Security and Physical Reality |  |
| 2 | Why Does Power Consumption Leak Secrets? | |
| 3 | AES — Understanding What We Are Attacking | |
| 4 | SPA, DPA and CPA — The Attack Ladder | |
| 5 | Hardware Setup and First Connection — Let’s Actually Do This | |
| 6 | Compiling Firmware, Setting Up Capture and Getting Your First Real Power Trace | |
| 7 | I Stole an AES Key by Watching a Chip’s Power Consumption | |
Next → Part 2: Why Does Power Consumption Leak Secrets?
Part of the series: Side-Channel Power Analysis with ChipWhisperer - Starting from Zero
Before We Start
I want to be honest with you.
I am not a cryptography expert. I am not an electronics engineer. I am a security researcher who one day stumbled onto something called a “side-channel attack” and went down a rabbit hole so deep I had to write a blog series just to process it.
This series is for people like me. People who know a little bit about security. People who have heard of AES, maybe played with it. People who kind of know what a key is. But people who, if you asked them “how does power consumption leak a secret key,” would stare at you blankly.
That was me. This blog series is how I un-blanked myself.
We start from absolute zero. No assumptions. If I use a word you don’t know, I explain it. If something confused me, I tell you. If something broke my brain before it clicked, I tell you that too.
Let’s go.
The Thing Nobody Told Me About Encryption
When I first learned about AES the encryption algorithm that protects basically everything on the internet I was impressed. The math is beautiful. There are proofs. Real proofs, the kind mathematicians write. They say: if you don’t have the key, you cannot get the message. Not “it’s hard.” Not “it takes a long time.” Mathematically. Impossible.
I thought: okay. We’re safe.
Then I learned about side-channel attacks and I realized: we were asking the wrong question the whole time.
The question we were asking: can the algorithm be broken?
The question we should have also been asking: what happens to the physical device while it runs the algorithm?
These are completely different questions. And the second one has a very uncomfortable answer.
The Secret Language Analogy
Let me give you an analogy before we go technical.
Imagine you and your friend invent a secret language. You spend years on it. It’s perfect — no one else on earth speaks it. You write each other letters in this language. Mathematically, any letter you write is unbreakable. Nobody can decode it without knowing the language.
Now imagine someone hides a camera in your room while you’re writing.
They film you writing the letter. They watch your hand move. They pause the video, zoom in, read what you wrote in your secret language by watching the physical act of writing.
They never broke the language. They watched you.
The language was secure. The act of writing was not.
This is the gap. This is the entire point of Blog 1.
Modern encryption is the secret language. The chip running the encryption is you, sitting at the desk, writing. The language is unbreakable. But the physical act of computation — the heat, the power draw, the time taken that leaks information. And an attacker who knows how to read those leaks doesn’t need to break the math at all.
What Is a Side Channel?
When a chip runs encryption, two things happen at the same time.
The logical thing: bits flip, the key mixes with the data, ciphertext comes out. This is what the algorithm describes. This is what the math proves secure.
The physical thing: transistors switch, capacitors charge and discharge, the chip draws current from the power supply, tiny electromagnetic fields radiate outward, the chip gets slightly warm.
The physical things are not random noise. They are connected to what the chip is computing. Different data produces slightly different physical behavior. Different operations produce slightly different power draws.
A side channel is this: an unintended path through which secret information escapes — not through the output, but through the physical behavior of the system.
The “intended channel” is the output. The ciphertext. That’s what the algorithm produces. A side channel is everything else. Power. Time. Electromagnetic radiation. Sound.
Here’s a picture of what I mean:
+------------------+
| Encryption |
| Algorithm |
| |
| Key + Data --> Ciphertext <-- intended channel (secure)
| |
+------------------+
|
| (side effects of running on real hardware)
|
+----+----+----+----+
| | | | |
Power Time EM Sound <-- side channels (leaking)
The algorithm was designed to produce ciphertext. Nobody designed it to produce a power trace. But it does as a side effect of running on real, physical silicon.
What I Found Confusing (And Now Don’t)
When I first heard “side channel,” I thought it meant someone found a bug in AES. Like a flaw in the math.
That’s not it at all.
The algorithm is fine. The math is fine. The side channel is not a bug in the code it’s a consequence of the code running on physical hardware. You cannot patch it away by fixing the algorithm. The algorithm is not broken. Physics is just physics.
This confused me for a while. If the algorithm is not broken, how is this an attack?
Here is how I think about it now: the algorithm lives in math. Math is abstract. It has no temperature. It draws no power. It makes no sound.
But your chip lives in the real world. And in the real world, computation has a physical shadow. That shadow is what we are reading.
The Four Ways Secrets Escape
Now that we know what a side channel is, here are the four main physical leakage types. Think of these as the four ways the “physical shadow” of computation can be read.
1. Timing
Some operations take longer than others depending on the data being processed. If your encryption takes 50 nanoseconds with one key value and 52 nanoseconds with another, that 2 nanosecond difference is measurable. Collect enough measurements and you can infer the key.
Pure software attack. No physical access needed. Just a very precise stopwatch.
2. Power
When a transistor switches, it draws a tiny burst of current. The chip’s power consumption moment-to-moment is a direct reflection of what bits are being processed.
Connect a sensitive current probe between the power supply and the chip, record the power trace during encryption, and you have a map of what happened inside.
This is what ChipWhisperer does. This is what this entire blog series is about.
3. Electromagnetic (EM)
Every wire carrying current creates a magnetic field around it. A CPU has millions of tiny wires switching millions of times per second. All that switching radiates electromagnetic fields outward.
Hold a sensitive antenna near the device and you can pick up those fluctuations. The EM trace carries the same information as the power trace — but you don’t even need to touch the device.
4. Acoustic (Sound)
Capacitors and coils physically vibrate at slightly different frequencies depending on what’s being computed. In 2013, researchers at Tel Aviv University extracted RSA keys from a laptop by holding a microphone next to it for a few seconds.
The laptop was just sitting there, doing encryption. The sound it made gave up the key.
We Are Not Breaking the Algorithm
I want to be very clear about this because it took me a while to fully get it.
When we do a side-channel attack, we are not:
- Finding a flaw in AES
- Guessing the key by brute force
- Exploiting a bug in the code
- Doing anything to the ciphertext at all
We are doing something completely different. We are eavesdropping on the execution of the algorithm.
Here is the analogy that finally made it click for me.
Imagine a bank vault with an unbreakable lock. Nobody can crack that lock the engineering is perfect. But every time the bank manager opens the vault, the lock makes a faint click at the right combination number. You stand outside with a very sensitive microphone. You listen. You never touch the lock. You never attack the vault. You just listen to the side channel the sound and you learn the combination.
The vault is secure. The act of opening it is not.
AES is secure. The act of running it on a chip is not at least not without specific, careful, difficult-to-implement countermeasures. And most implementations don’t do them correctly.
That’s why this field exists. That’s why ChipWhisperer exists. That’s why you’re reading this.
Why Classical Cryptography Never Saw This Coming
Here is something I find genuinely fascinating.
When cryptographers designed the threat model for AES, they thought about attackers who have the ciphertext, know the algorithm, have massive computing power, and can do all kinds of mathematical attacks.
They built defenses against all of these. The defenses work. Mathematically, AES is solid.
What they did not think about: an attacker standing next to the chip with an oscilloscope.
Not because they were careless. Because the threat model was abstract. Cryptography lives in the world of math and information theory. The idea that the physical chip running the math would leak the key through its power draw that was outside the model entirely.
Paul Kocher published the first paper on differential power analysis in 1999. The entire field of side-channel analysis basically said: your math is fine, but you forgot the chip exists.
The gap between mathematical security and physical security is not a gap in the math. It’s a gap in the assumptions.
Putting It All Together
Let me summarize what we covered.
We started with a question: if AES is mathematically unbreakable, how can it be attacked?
The answer: by not attacking the math at all. By attacking the physical execution.
Computation has a physical shadow. Every operation on a chip produces side effects power draw, timing variations, EM radiation, sound. These side effects are correlated with the data being processed. An attacker who measures these side effects can extract secret information without ever touching the algorithm.
A side channel is any unintended path through which secret information leaks as a side effect of a system doing its job.
The four main leakage types are timing, power, electromagnetic, and acoustic.
We are not breaking AES. We are eavesdropping on AES running on a chip.
The gap between mathematical security and physical security is real, it is exploitable, and it is the foundation of everything we will do with ChipWhisperer in this series.
What’s Coming in Blog 2
Now that we know that power consumption leaks information, the next question is: why?
Why does processing a 1 draw different power than processing a 0? What is actually happening inside the transistors? What does a power trace actually look like?
Blog 2 goes inside the chip. We talk about CMOS transistors, how they switch, why switching costs energy, and how that energy cost depends on the data being processed. We build the physical intuition you need to understand what ChipWhisperer is actually measuring.
See you there.
What We Learned — Glossary
Side channel — An unintended path through which secret information leaks as a side effect of a system’s physical operation, rather than through its intended output.
Power analysis — A side-channel attack that extracts secret information by measuring the power consumption of a device during cryptographic operations.
Timing attack — A side-channel attack that exploits differences in how long operations take depending on the data being processed.
Electromagnetic (EM) attack — A side-channel attack that captures the EM radiation emitted by a device during computation.
Acoustic attack — A side-channel attack that analyzes sound produced by a device’s physical components during computation.
Threat model — The set of assumptions about what an attacker can do. Classical cryptography’s threat model did not include physical side channels.
ChipWhisperer — An open-source hardware and software platform for performing power analysis attacks on embedded cryptographic implementations.
Power trace — A recording of a device’s power consumption over time during a cryptographic operation. The raw data we analyze in power analysis attacks.
CMOS — The transistor technology used in virtually all modern chips. Why CMOS switching costs energy — and how that energy depends on data — is exactly what Blog 2 is about.