In 1998 Paul Kocher, an American cryptographer and president and chief scientist of Cryptography Research, Inc. (CRI, acquired by Rambus in 2011), published a technical paper titled “Differential Power Analysis” where he introduced a new form of attack on computer systems that employ cryptography. This form of attack is called power analysis, which belongs to the family of side-channel attacks.
The essence of side-channel attacks is studying either power consumption, electromagnetic emission, or other externally measurable effects of a device with the aim of acquiring cryptographic keys or other secrets. Kocher’s work has shown that electronic devices are very much predictable and that, in general, an accurate measurement of amounts of power a device draws over time discloses the nature of its computations.
The attack described by Kocher is very effective since measuring power consumption is not detectable because the observer does not intervene with the operation of the device in any way. Therefore, this attack can be used against tamperproof “black box” devices, such as smart cards, cryptographic accelerators, and other integrated circuits.
Kocher describes three kinds of power analysis: