by xw30992
863 days ago
You would think things like spread spectrum clocking and low passing power would thwart this attack but really it just means you need to take a larger average and computers are really fast. See for example:
http://www1.ece.neu.edu/~saoni/files/Chao_ICCD_2015.pdf I still can't believe that worked. That said, these techniques are pretty old now and vendors should be mitigating this attack.
And I'm having a hard time figuring out how big that difference is; it may well be 'impractical today, child's play tomorrow'. And ESP32 devices are in a lot of different places. Access to the hardware should be assumed (because you're not going to be able to monitor the 3.3V line with this level of accuracy otherwise). I'd assume any caps after the monitoring point would be removed and the only capacitance left would sit on the supply side before the current transformer. If that's your setup and you have no knowledge of what's running on the chip, is it doable or not?
The article suggests that any key can be recovered in a couple of seconds but I don't think that's the case at all.
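
An added illustration, not part of either comment above: a small simulation of the averaging point in the first comment and the "how big is the difference" question in the second, useful for judging how much margin jitter plus filtering buys. The trace length, leak amplitude, noise level, jitter range and filter width are all constructed values, and the moving average is only a crude stand-in for real supply filtering.

```python
import random
import statistics

LENGTH, CENTER = 400, 200      # samples per trace, nominal leak position (constructed)
AMPLITUDE, SIGMA = 1.0, 2.0    # constructed leak height and per-sample noise

def lowpass(trace, width):
    """Centered moving average, a crude stand-in for supply filtering."""
    half = width // 2
    out = []
    for i in range(len(trace)):
        window = trace[max(0, i - half):i + half + 1]
        out.append(sum(window) / len(window))
    return out

def averaged_snr(n_traces, jitter, width, seed=1):
    """SNR of the mean of n_traces: leak peak / std of residual noise."""
    rng = random.Random(seed)
    # Leak and noise are accumulated separately so each can be measured exactly.
    leak = [0.0] * LENGTH
    noise = [0.0] * LENGTH
    for _ in range(n_traces):
        # Clock jitter moves the leak by a random offset in each trace.
        leak[CENTER + rng.randint(-jitter, jitter)] += AMPLITUDE
        for i in range(LENGTH):
            noise[i] += rng.gauss(0.0, SIGMA)
    # Filtering is linear, so filtering the mean equals averaging filtered traces.
    leak = lowpass([v / n_traces for v in leak], width)
    noise = lowpass([v / n_traces for v in noise], width)
    return max(leak) / statistics.pstdev(noise)

def traces_to_match(snr_plain, snr_protected, n_traces):
    """Traces needed for the protected setup to reach snr_plain (SNR ~ sqrt(N))."""
    return round(n_traces * (snr_plain / snr_protected) ** 2)

if __name__ == "__main__":
    plain = averaged_snr(100, jitter=0, width=1)
    protected = averaged_snr(100, jitter=4, width=5)
    print(f"100 traces, no countermeasure: SNR {plain:.2f}")
    print(f"100 traces, jitter + low-pass: SNR {protected:.2f}")
    print("traces to match:", traces_to_match(plain, protected, 100))
    print(f"1600 traces, jitter + low-pass: SNR {averaged_snr(1600, 4, 5):.2f}")
```

In this toy model the countermeasures cut the SNR by a constant factor, so the cost grows only with the square of that factor. A design review should therefore budget for trace counts rather than treat jitter or filtering as a hard barrier.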