Power analysis is a type of non-invasive side-channel attack that is uniquely effective against cryptographic hardware modules. It involves monitoring the fluctuating electrical power consumption of a device as it performs cryptographic computations. These power variations can be statistically analyzed to reveal correlations with the secret keys being processed, allowing an attacker to extract sensitive information without breaking the underlying cryptographic algorithm. This attack targets the physical implementation of the hardware, bypassing many of the logical protections that make such modules secure against other forms of attack.

1. Kocher

P.

Jaffe

J.

& Jun

B. (1999). Differential Power Analysis. In M. Wiener (Ed.)

Advances in Cryptology — CRYPTO’ 99 (Vol. 1666

pp. 388–397). Springer. The abstract and introduction (Section 1) establish that power consumption analysis can be used to extract secret keys from tamper-resistant devices like smart cards. DOI: https://doi.org/10.1007/3-540-48405-125

2. National Institute of Standards and Technology (NIST). (2019). FIPS PUB 140-3: Security Requirements for Cryptographic Modules. Section 7.8

"Non-Invasive Security

" explicitly lists power analysis as a relevant attack vector that cryptographic modules must be designed to protect against at higher security levels.

3. Boneh

D. (n.d.). CS255: Introduction to Cryptography

Lecture 18: Side Channel Attacks. Stanford University Courseware. The lecture notes detail various side-channel attacks

highlighting power analysis as a primary method for attacking physical cryptographic implementations. Available at: https://crypto.stanford.edu/~dabo/courses/CS255/lectures/18-side-channels.pdf