Template Attacks - assumption


#1

Hello,
How practical is the assumption of having a profiling device for which the encryption keys can be varied to perform template-based power side-channel attacks?

Thanks!


#3

Hello,

I haven’t done much in the way of profiling attacks, but I’ll do my best to answer your question.

Having a device to build up a profile should be pretty practical. Remember that you’re attacking the actual cryptographic operation taking place, not any other part of the code. Therefore you should be able to get a copy of the device and upload your own code to build up your profile.

Hope that makes sense

Alex