Template Attacks - assumption

How practical is the assumption of having a profiling device for which the encryption keys can be varied to perform template-based power side-channel attacks?



I haven’t done much in the way of profiling attacks, but I’ll do my best to answer your question.

Having a device to build up a profile should be pretty practical. Remember that you’re attacking the actual cryptographic operation taking place, not any other part of the code. Therefore you should be able to get a copy of the device and upload your own code to build up your profile.

Hope that makes sense