DPA attacks operate by measuring power levels at different parts in chips, particularly trying to identify encryption...
keys. Researchers use various tools to measure power usage when a device performs operations using encryption keys. Measuring the power usage determines what kind of computational operations are being done by a device. DPA attacks in turn extract knowledge of how encryption algorithms operate to be able to find the encryption keys.
With the advancements in field-programmable gate arrays (chips and chip components designed to be changed by a reseller after the manufacturing process) and advancement in DPA tools, even more attacks will become plausible. Advancements in DPA may make it more viable for attackers to go after the cryptokeys in mobile devices.
One additional point to remember is that attacks only get more creative over time and that any security control can be broken. It's wise to plan ahead when research suggests that exotic attacks will become more accessible. In this case, enterprises should keep these types of attacks in mind when looking into systems that depend on the security of one part of the system to stop a user from analyzing the operations of a device in great detail. Enterprises should plan for these types of attacks and make sure the application or system is easily patched or upgraded to defend against DPA or other types of attacks.
Dig Deeper on Emerging cyberattacks and threats
Related Q&A from Nick Lewis
A new remote access Trojan called UBoatRAT was found spreading via Google services and GitHub. Learn how spotting command-and-control systems can ... Continue Reading
CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about ... Continue Reading
The use of botnets to spread Scarab ransomware intensifies the threat for enterprises. Discover the best way to respond to such a threat and protect ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.