by devdoomari 3279 days ago
...how about a random-power-consumer? Would it help?
3 comments

No, not at all. A raised SNR can be overcome in almost all circumstances by making more measurements, i.e. correlation: since noise is not correlated, it is removed. For the same reason, random delays don't help against timing attacks.
Curious: how about generating noise which is correlated to signal and actively tries to modify output to some "random" noise?
That's how DPA works as far as I understand.
Not if you calculate keys nonstop, then have another machine pick from a huge list later.
Perhaps you could quantize the level.
Generally mitigations like adding random things only delay attacks like this, they don't prevent them.

Like adding random timings won't prevent timing attacks, adding random sized strings won't prevent chosen plaintext or padding attacks, etc...
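The point made in the comments above, that uncorrelated noise is averaged away by more measurements and so only delays the analysis, can be checked with a small simulation. This is an added example, not part of any comment in the thread; the leak size, noise levels and function names are constructed assumptions.

```python
import random
import statistics

LEAK = 0.05  # assumed data-dependent power difference (arbitrary units)

def difference_of_means(n_traces, noise_sigma, seed):
    """Estimate LEAK from n_traces constructed samples with independent noise."""
    rng = random.Random(seed)
    ones, zeros = [], []
    for _ in range(n_traces):
        bit = rng.getrandbits(1)  # data-dependent intermediate bit
        sample = LEAK * bit + rng.gauss(0.0, noise_sigma)
        (ones if bit else zeros).append(sample)
    return statistics.fmean(ones) - statistics.fmean(zeros)

def estimate_error(n_traces, noise_sigma, trials=40):
    """RMS error of the leak estimate over `trials` independent runs."""
    sq = [(difference_of_means(n_traces, noise_sigma, s) - LEAK) ** 2
          for s in range(trials)]
    return (sum(sq) / trials) ** 0.5

if __name__ == "__main__":
    # sigma=1.0 models the baseline; sigma=4.0 models an added random power consumer.
    for sigma, n in [(1.0, 1000), (4.0, 1000), (4.0, 16000)]:
        print(f"sigma={sigma} traces={n} rms_error={estimate_error(n, sigma):.4f}")
```

Quadrupling the noise quadruples the estimate error at a fixed trace count, and 16 times as many traces brings it back to the baseline, so the added noise costs the measurer only a factor of sigma squared in collection time.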

Wonder if you can hash the crypto algorithm.
This was even tested with CTR and GCM (I know this for a fact), which were not a problem at all. Surprisingly GCM was somewhat easier than hashing modes. But also CBC was detectable after a few blocks.
Cryptography Research (now RAMBUS) developed solutions against these DPA attacks. Real solutions are much more complex than just "random-power-consuming".

See: https://www.rambus.com/security/dpa-countermeasures/