

What is a Side Channel Attack

Side-channel attacks have historically been difficult to perform, but they are now becoming more common due to several factors. The increased sensitivity of measuring equipment has made it possible to collect very detailed data about a system while it is running. Additionally, greater computing power and machine learning enable attackers to make sense of the raw data they extract. This deeper understanding of target systems also allows attackers to better exploit subtle changes in a system.

What is a side channel attack?

A side-channel attack is a security exploit that aims to gather information from, or influence the program execution of, a system by measuring or exploiting the indirect effects of the system or its hardware, rather than directly targeting the program or its code. The most common goal is to steal sensitive information, including cryptographic keys, by measuring the emissions of the devices involved. A side-channel attack can also be referred to as a sidebar attack or an execution attack.

Examples of a side channel attack

Imagine trying to determine where a person has driven their car. A typical attack channel would be to follow the car or use a GPS tracking system. A side-channel attack, on the other hand, uses measurements taken around the car to try to determine how it is being used. For example, measuring changes in the amount of gas in the tank, the vehicle's weight, the temperature of the engine or passenger compartment, and the like may reveal information about the vehicle's use, the places or distances traveled, or what is stored in the trunk, all without directly affecting the vehicle or alerting its owner that it is under investigation.

Attackers can also go after high-value targets, such as secure processors, TPM chips, and cryptographic keys. Obtaining even partial information can give a traditional attack vector, such as a brute-force attack, a higher chance of success. Side-channel attacks can be tricky to defend against: they are difficult to detect in action, often leave no trace, and may not change the system while it is running. Side-channel attacks can also prove effective against systems that are physically isolated from other computers or networks.

Types of side channel attacks


Electromagnetic

An attacker measures the electromagnetic radiation, or radio waves, emitted by a target device to reconstruct that device's internal signals. Software-defined radio (SDR) lowers the barrier of entry for electromagnetic attacks, which can be carried out through walls and without any contact with the target device.

Acoustic

The attacker measures the sounds made by the device. Proof-of-concept (POC) attacks have been implemented that can reconstruct a user's keystrokes from an audio recording of the user typing. The hacker can also get some information by listening to the sounds of the electronic components.


Power

A hacker measures or affects the power consumption of a device or subsystem by monitoring the amount and timing of power used by the system or one of its subcomponents.


Optical

The attacker uses visual cues to get information about the system. Although these are rarely used against computers, some POC attacks have been implemented in which audio can be reconstructed from a video recording of an object in relation to the sounds. Simple browsing attacks may also fall into this category.


Timing

A malicious actor uses the length of time a process takes to obtain information. The total time can provide data about the state of the system or the type of process that is running, and the attacker can compare the timing of a known system with that of the victim system to make accurate predictions.
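The timing leak described above and its fix, as an added example that is not part of the original page: an early-exit comparison does work that depends on how many leading bytes of a guess match the secret, while a fixed-work comparison does not. The sample secret and all function names are constructed for illustration, and the loop-step count stands in for elapsed time so the result is deterministic.

```python
import hmac

SECRET = b"constructed-tok!"  # constructed 16-byte sample, not a real credential


def leaky_equal(secret: bytes, guess: bytes):
    """Early-exit comparison. Returns (equal, byte comparisons performed)."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    for a, b in zip(secret, guess):
        steps += 1
        if a != b:          # stops at the first mismatch: duration tracks the data
            return False, steps
    return True, steps


def fixed_work_equal(secret: bytes, guess: bytes):
    """Examines every byte of the secret no matter where the first mismatch is."""
    steps = 0
    diff = len(secret) ^ len(guess)
    for i in range(len(secret)):
        g = guess[i] if i < len(guess) else 0
        diff |= secret[i] ^ g   # accumulate differences without branching out
        steps += 1
    return diff == 0, steps


def make_guess(secret: bytes, correct_prefix: int) -> bytes:
    """Constructed test input: first `correct_prefix` bytes right, the rest wrong."""
    return secret[:correct_prefix] + bytes(b ^ 0xFF for b in secret[correct_prefix:])


def work_profile(compare, secret: bytes, prefix_lengths):
    """Work done by `compare` for guesses with each number of correct leading bytes."""
    return [compare(secret, make_guess(secret, k))[1] for k in prefix_lengths]


if __name__ == "__main__":
    lengths = [0, 4, 8, 16]
    print("leaky     :", work_profile(leaky_equal, SECRET, lengths))
    print("fixed work:", work_profile(fixed_work_equal, SECRET, lengths))
    # In production Python, use the library primitive rather than a hand-written loop.
    print("compare_digest:", hmac.compare_digest(SECRET, make_guess(SECRET, 16)))
```

The pure-Python fixed-work loop only illustrates the idea; interpreter behaviour can still vary, which is why `hmac.compare_digest` is the call to use for comparing secrets.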

Cache

An attacker misuses the cache to gain additional access. Modern systems use data caching and prefetching to improve performance, and an attacker can misuse these mechanisms to gain access to information that should be blocked.

Hardware weaknesses

A hacker can use the physical properties of a system to induce a behavior, cause an error, or exploit residual data, which is data that persists after deletion. It is located near the physical random access memory (RAM) chip, and ECC memory can also help prevent this attack. In a cold boot attack, the attacker quickly lowers the temperature of the RAM, causing some information to be retained after power is removed so that the attacker can read it back.

How to prevent a side-channel attack

Organizations can implement some best-practice mitigations that may help protect against side-channel attacks. These attacks usually require specific, detailed knowledge of the system to carry out, so the company must keep implementation and vendor details as a trade secret. Address space layout randomization (ASLR), a type of precautionary protection for the computer, can prevent some memory- or cache-based attacks. Using business-level equipment can also help prevent systems from being exploited, and physical access to the systems should be restricted as well.

Companies can also maintain sensitive systems, and power conditioning equipment can protect against power attacks. As a severe mitigation, increasing the amount of noise in the system will make it more difficult for an attacker to obtain useful information. The following ideas are often wasteful and not recommended in general, but they may be useful in certain circumstances. While performing an encryption process, some systems simultaneously perform many similar, irrelevant and worthless operations to hide the ones an attacker might be interested in. A system may also run unnecessary processes or components to obscure its power or computational use so that it does not correlate with actual use.