Types of Side Channel Attacks:

Electromagnetic Attacks

Electromagnetic (EM) attacks are essentially power monitoring attacks with an additional magnetic component: the field a device radiates as it switches current, which adds depth and detail to the signals being analyzed.

EM attack methods combine power monitoring with measurement of the device's electromagnetic emissions at various distances. Because today's low-power devices emit weak signals, an attacker usually has to be near the device being monitored at least once to install monitoring hardware.

An example of an electromagnetic attack at consumer level is Radio Frequency Identification (RFID) skimming, which can be done from a few feet away. This is worth considering now that contactless bank cards and travel passes are commonplace.

Where a cryptographic system has been physically compromised, the attacker can get close-in readings of the microprocessor(s) in operation (e.g. a CMOS chip or CPU). Clearly this type of technique is only really worthwhile against high-value targets, though the falling price of equipment and improvements in technique mean that an increasing number of these methods are no longer limited to state-level security operations.
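To show why data-dependent emissions leak a key, and why masking is the usual countermeasure, here is an added simulation that is not part of the original page. It models each measured sample as the Hamming weight of an S-box output plus Gaussian noise (a constructed leakage model), uses the published 4-bit S-box of the PRESENT cipher so the key space is small, and ranks key guesses by correlation; the `masked=True` variant XORs a fresh random nibble into the handled value before it is measured.

```python
import random

# PRESENT block cipher's 4-bit S-box (real, published constants).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def hw(x: int) -> int:
    return bin(x).count("1")

def simulate_traces(key, n, sigma=1.0, masked=False, seed=1):
    """Constructed leakage model: each sample is HW(value handled by the
    device) + Gaussian noise. When masked, the device handles S[p^k] ^ m
    for a fresh random nibble m, so one sample carries no first-order info."""
    rng = random.Random(seed)
    pts, samples = [], []
    for _ in range(n):
        p = rng.randrange(16)
        v = SBOX[p ^ key]
        if masked:
            v ^= rng.randrange(16)
        pts.append(p)
        samples.append(hw(v) + rng.gauss(0.0, sigma))
    return pts, samples

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0

def rank_keys(pts, samples):
    """Correlate each key hypothesis' predicted Hamming-weight leakage with
    the measured samples; the highest positive correlation is the best guess."""
    scores = {}
    for k in range(16):
        predicted = [hw(SBOX[p ^ k]) for p in pts]
        scores[k] = pearson(predicted, samples)
    return max(scores, key=scores.get), scores

if __name__ == "__main__":
    SECRET = 0xB
    for masked in (False, True):
        pts, s = simulate_traces(SECRET, 2000, masked=masked)
        best, scores = rank_keys(pts, s)
        print(f"masked={masked}: guess {best:#x}, corr {scores[best]:.2f}")
```

On the unmasked traces the correct nibble stands out with a correlation near 0.7; on the masked traces every guess scores close to zero, which is the leakage-free behaviour a defender is looking for.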

Acoustic Attacks

Acoustic cryptanalysis uses the sounds made by various devices to work out what is being input or displayed. One of the earliest known side channel attacks was carried out by the British Security Service (MI5) against the Egyptian Embassy in London in 1965 to deduce the rotor settings of a mechanical cipher machine used for secure communications.

By recording keystrokes, input from keyboards (including ATM keypads) can be worked out from the slightly different sound each key makes. With the right microphone, the sound made by the print head of an inkjet printer can be used to reconstruct what was printed. Recently, security researchers have demonstrated that it is possible to record the coil whine from an LCD monitor and work out what is being shown; previously, coil whine was considered only a laptop security issue.

In fact, with consumer-level devices, the constant drive for lower power (e.g. Energy Star ratings on older PCs, Bluetooth LE) isn't just part of a campaign to be eco-friendly: lower emissions and greater shielding are a key part of protecting devices from electromagnetic and other side channel snooping.

Sources: medium.com
Edited by Mario Vulcano