

# When Secure Mathematics Meets Leaky Machines: Side-Channel Attacks Across Modern Cryptographic Systems

İsmail Şimşek

*Professor Sylvester Kaczmarek*

## Table of Contents

### 1. Introduction

### 2. Background: The Mechanics of Side-Channel Leaks

- 2.1 Definition and Core Concepts
- 2.2 Historical Development
- 2.3 Categories of Side-Channel Attacks
- 2.4 Security Implications

### 3. Side-Channel Vulnerabilities in Classical Cryptography

- 3.1 RSA: Leaks in Modular Exponentiation
- 3.2 AES: The Perils of Tables and S-Boxes
- 3.3 Elliptic Curve Cryptography: Scalar Multiplication Leakage
- 3.4 The Microarchitectural Layer: Shared Hardware as a Channel

### 4. Mitigation Strategies for Classical Cryptographic Systems

### 5. Extension to Quantum and Post-Quantum Cryptographic Systems

### 6. A Comprehensive Mitigation Framework for Side-Channel Resistance

### 7. Discussion and Future Directions

### 8. Conclusion

### 9. References

### 1. Introduction

Cryptography's foundation is mathematical, built on problems considered computationally unbreakable. Yet, in practice, a cipher's strength often crumbles not from theoretical attack, but from its own physical leak. When a chip calculates a secret, it doesn't do so in silence. It takes time, draws power, and radiates energy. An attacker listening to these signals, a timing pattern, a sudden power dip, a radio wave, can often reconstruct a key without ever solving the intended hard problem. [1], [2], [7]

This gap between theory and machine is the main flaw. Security models assume idealized, abstract machines. Real processors, with their performance caches, branch predictors, and power management, are anything but abstract. Their very efficiency creates data dependent patterns. A conditional branch taken or not, a cache line fetched or missed, translates into a detectable physical signature. This turns what should be a mathematical fortress into an information leak. [1], [7]

The consequences are everywhere. From a car's key to a server in a cloud data center, the vulnerability is universal. Highly secured, certified hardware like HSMs and trusted tools have fallen to these attacks. As we rush to deploy new post quantum algorithms to secure future quantum computers, we are largely integrating them into the same leaky hardware. The new math may be quantum resistant, but the implementation remains side channel vulnerable. [7], [8]

This discussion proceeds from the principles and history of these attacks, through the specific flaws they exploit in today's systems, to the limits of countermeasures. It then examines why emerging quantum and post quantum cryptography inherit the same risks, proposes a more cohesive defense strategy, and identifies where future research must focus.

## 2. Background: The Mechanics of Side-Channel Leaks

Cryptography's promise of secrecy rests on mathematical complexity. Side channel attacks bypass this entirely, exploiting a simpler truth: computing is a physical act. When a processor handles a secret key, it does not operate in a silent, abstract space. It consumes power, creates electromagnetic fields, takes time, and even generate some sounds. These incidental outputs form "side channels". An attacker monitoring these channels isn't solving equations; they are eavesdropping on the chip's physical behavior to reconstruct its secrets.

This vulnerability exists because our hardware is built for speed, not secrecy. Microprocessors optimize performance using techniques that inadvertently leak information. A conditional branch check (like "if this secret bit is 1") takes a different path than its alternative. Accessing data from a fast cache memory is quicker than fetching it from slow RAM. Each of these decisions, dictated by the secret key, alters the device's observable physical state. By collecting thousands of these tiny, data dependent variations, a power dip here, a nanosecond delay there and applying statistical analysis, an attacker can reverse engineer the key. The seminal proof came in 1996 when Paul Kocher showed that timing a web server's RSA responses could reveal its private key, exploiting delays as small as microseconds. [1]

The field evolved rapidly from that revelation. Timing attacks demonstrated the principle, but power analysis provided the scalable, powerful toolkit. In 1999, Kocher, Jaffe, and Jun introduced Differential Power Analysis. [2], [7]

They showed that by measuring a device's fluctuating power consumption during encryption and correlating it with predictions, an attacker could extract keys from even noisy measurements. This transformed side channel attacks from a conceptual threat into a practical, severe risk for any physical device. It made clear that cryptographic security could no longer be evaluated on paper alone; the implementation must be robust.

These attacks manifest through several distinct physical and microarchitectural vectors:

**Timing Attacks:** Exploit data-dependent execution time differences. If an operation is faster when a secret bit is zero, simply measuring runtime reveals the bit.

**Power Analysis:** Measures electrical power consumption. Simple Power Analysis (SPA) visually reads patterns from a power trace chart, while Differential Power Analysis (DPA) uses statistical methods to find correlations between power usage and predicted key values amidst noise.

**Electromagnetic Analysis:** A contactless form of power analysis. Components emit electromagnetic radiation as they switch; a probe can pick up these emanations to create a precise trace of internal operations.

**Cache Attacks:** Target shared resources in modern CPUs. Techniques like Flush+Reload allow a spy process to deduce what memory addresses a victim cryptography process is accessing by monitoring the shared CPU cache, revealing access patterns tied to the key.

**Fault Injection:** Actively induces errors to compromise security. By using a voltage glitch, laser, or clock manipulation to cause a targeted computational error, an attacker can bypass checks or create erroneous outputs that reveal secrets.

[1]–[3], [7]

The security implications are profound and disruptive. Side channel attacks represent a catastrophic failure of abstraction. They allow adversaries with modest budgets using oscilloscopes, simple probes, or even just network access to defeat cryptosystems that are mathematically sound.

### 3. Side-Channel Vulnerabilities in Classical Cryptography

#### 3.1 RSA: Leaks in Modular Exponentiation

RSA's vulnerability stems from its core operation: modular exponentiation using a private key. The standard "square and multiply" algorithm performs an extra multiplication step when the corresponding key bit is '1'. This conditional logic creates a direct side channel signal. Kocher's seminal work exploited timing differences of mere microseconds to recover the key [1].

Subsequently, Differential Power Analysis proved even more effective, using statistical methods to correlate the distinct power signatures of squaring versus multiplication operations with the secret bits, even in significant electrical noise filled environments [2], [7]. Perhaps most surprisingly, acoustic cryptanalysis has shown that the small, high frequency sound emitted by a laptop's voltage regulators during RSA decryption can also betray the full private key [4].

#### 3.2 AES: The Perils of Tables and S-Boxes

While AES is a symmetric cipher with strong theoretical security, common software implementations are notoriously leaky. Implementations optimized for speed using pre computed lookup tables introduce fatal data dependent memory accesses. Bernstein demonstrated that an attacker could recover the key by analyzing cache timing patterns, as the accessed memory address depends on secret intermediate values [3]. Beyond cache timing, the algorithm's structure is susceptible to power analysis. The non linear SubBytes operation consumes power correlated to its input and output. Attackers use Correlation Power Analysis to match collected power traces with predictions, isolating correct key guesses with high efficiency from a few hundred traces [2], [7]. Fault injection attacks compound the threat, where deliberately induced computational errors during later AES rounds enable key recovery from faulty ciphertexts.

#### 3.3 Elliptic Curve Cryptography (ECC): Scalar Multiplication Leakage

ECC's efficiency advantage is matched by specific side channel risks. The critical operation, scalar multiplication, often uses a "double and add" algorithm analogous to RSA's square and multiply. If the point addition is conditional on a scalar bit, timing and power profiles directly reveal the private key. Furthermore, implementations lacking rigorous input validation are vulnerable to "invalid

curve" attacks. By supplying points that lie on a different, carefully chosen curve, an attacker can force computations where the results or the mere presence of an error leak information about the secret scalar through side channels. [7]

### 3.4 The Microarchitectural Layer: Shared Hardware as a Channel

Modern processor optimizations have created a pervasive new attack surface that undermines software isolation. Attacks like Spectre and Meltdown exploit speculative execution, a performance feature where the CPU pre computes possible future instructions. These speculatively executed operations can access secret data and leave measurable traces in the cache, which a concurrent attacker process can detect, breaking isolation across security boundaries. [9], [10]

Cache-based attacks are more direct. In shared environments like cloud servers, techniques such as Flush+Reload and Prime+Probe allow an attacker's virtual machine to monitor the cache access patterns of a co located victim performing cryptographic operations. By detecting which cache lines are loaded (e.g, during an AES table lookup), the attacker infers memory addresses tied to secret data [3]. These attacks have successfully targeted trusted execution environments (TEEs), demonstrating that hardware-enforced isolation is frequently compromised by shared microarchitectural state.

## 4. Mitigation Strategies for Classical Cryptographic Systems

Defending against side-channel attacks is a layered challenge, there's no one, ultimate fix. You have to build protection at multiple levels: in the hardware itself, in how the software runs, and in the way the whole system is organized. Each layer adds cost, complexity, or performance hits, making real-world deployment a constant trade-off.

Starting with the hardware, one approach tries to eliminate the data dependent power signature. Designs like dual rail pre charge logic use paired circuits to balance power draw whether processing a 1 or a 0. It works in theory, but the silicon area and power overhead are so high you only see it in specialized, high cost chips. More commonly, engineers inject noise random timing jitter or power spikes to blur the signal. It makes an attacker's job harder, but with enough samples, determined adversaries can average through the noise. Shielding with metal enclosures or Faraday cages blocks electromagnetic leaks but does nothing about timing and adds bulk and expense. Even Hardware Security Modules (HSMs) and secure enclaves like Intel SGX, which bundle these techniques into isolated zones, have been cracked through microarchitectural side channels. Clearly, hardware alone can't seal every leak.

That's why software defenses are so critical. The most important rule is writing constant time code. This means eliminating any "if" statements, lookups, or loops where the execution time or memory accesses depend on secret data. Every possible path through the code must take exactly the same time. Modern crypto libraries are built around this discipline. Beyond that, masking (or secret sharing) tries to break secrets into random pieces, processing each piece separately so the actual value is never exposed in a single trace. Doing this correctly is not an easy process, higher-order masking adds major computational overhead. Other controls like inserting dummy operations or shuffling the order of independent steps mainly slow an attacker down; they don't provide guaranteed security.

How the system is configured also matters. In shared environments like cloud servers, cache partitioning can prevent one virtual machine from spying on another's memory activity. Strong process isolation helps, but it's not enough against CPU level leaks like Spectre. Defenses there often involve using serializing instructions or turning off certain speculative optimizations actions

that inevitably slow things down. Tools exist to test for obvious side-channel flaws, but they can't catch every possible physical leak.

## 5. Extension to Quantum and Post-Quantum Cryptographic Systems

The push toward quantum resistant cryptography is often framed as a definitive answer to the threat of quantum computers. Yet, this next generation security faces an old, familiar problem: side-channel leaks. Theoretical guarantees are not absolute against the messy reality of physical hardware, making implementation the new critical battleground.

Quantum Key Distribution offers a compelling promise security rooted in the laws of physics. However, its practical implementations are analog systems built from lasers, detectors, and classical control electronics, all of which introduce vulnerabilities. A telling example is the detector blinding attack. Single photon detectors, the heart of the receiver, can be forced into a predictable, "classical" state by flooding them with a bright light pulse. This allows an eavesdropper to read the full key without disturbing the quantum signal enough to trigger alarms. Other attacks exploit timing flaws in the classical post-processing stack or imbalances in the optical components. These breaches confirm, QKD's perfect security exists mostly on paper. Its real world safety depends entirely on the imperfect physical devices running it, demanding rigorous, ongoing hardware characterization that is often impractical. [5], [6]

Post-Quantum Cryptography, the software based alternative, is not immune. Algorithms like the lattice based Kyber and Dilithium replace integer factorization with complex polynomial arithmetic. While the math is new, the execution environment is the same leaky hardware. Their core operations, polynomial multiplication, sampling from noise distributions are open ground for side-channel analysis. Data dependent branches in rejection sampling or secret dependent memory accesses in number-theoretic transforms (NTTs) create timing and cache vulnerabilities as potent as those in AES or RSA. Research has already shown that secret dependent branches in some reference PQC code are directly exploitable. Furthermore, their large parameter sets (e.g., polynomials with 1024 coefficients) expand the attack surface, meaning leakage from any part of the key can be statistically pooled for a full recovery. [11], [12], [13]

The overarching implication is that quantum-era cryptography does not escape the laws of physics or economics. Side-channel vulnerabilities are not a legacy issue but a persistent one.

## 6. A Comprehensive Mitigation Framework for Side-Channel Resistance

Securing systems against side channel attacks demands a unified defense strategy that stretches from the silicon to the operational network. Since no single fix is sufficient, the goal is to build overlapping layers of protection, acknowledging that some residual risk will always remain. This framework coordinates defenses across hardware, software, architecture, and practice, with special attention to the hybrid nature of quantum era systems.

A critical but often overlooked starting point is securing the classical infrastructure that surrounds advanced cryptography. Even in a post-quantum or QKD deployment, the management network, control software, and monitoring tools handle sensitive metadata and operations. These become attractive side channel targets. Isolating this infrastructure using out-of-band management and strict network segmentation is essential. Furthermore, telemetry itself can be a leakage source fine grained metrics on CPU timing or power draw might inadvertently help an attacker. Defenses here

include aggregating data, injecting noise into measurements, and applying strong encryption to all monitoring data in transit and at rest. The monitoring system must be hardened and audited as fiercely as the core cryptographic modules.

For quantum specific systems, the physical layer requires dedicated protections. Quantum key distribution devices are ultimately analog optical systems. Components like single-photon detectors must be physically secured against tampering. Countermeasures against detector blinding attacks involve active optical monitoring, built in self-tests, and using redundant, diverse detector channels to cross check behavior. Continuous device authentication and calibration are necessary to ensure components haven't been substituted or degraded in a way that creates a leak. It's also vital to remember that the classical post-processing stage in QKD where raw key material is sifted, corrected, and amplified, runs on ordinary computers. This stage must itself employ constant-time programming and masking, or it becomes the weakest link, undermining the quantum layer's security.

The core strategy is a defense-in-depth architecture that creates multiple hurdles for an attacker:

**Hardware Layer:** Use constant-power logic and physical shielding where cost permits.

**Algorithmic Layer:** Implement provably constant-time code and masked arithmetic, even for complex PQC operations.

**Software Layer:** Enforce secure coding practices and use compilers that respect constant-time semantics.

**Systems Layer:** Apply strict process isolation, cache partitioning (in shared clouds), and principle of least-privilege access.

**Network Layer:** Obscure traffic patterns with padding and timing obfuscation.

A key principle within this model is privacy-preserving observability. Security monitoring should not become the attack vector. Techniques like differential privacy can be applied to telemetry, emitting only aggregated, noisy data. Delaying the report of fine-grained logs and using secure computation for analysis can help maintain operational insight without exposing raw, leaky data streams. [7], [8]

Underlying all this must be an assume-breach design philosophy. Accept that some leakage will likely occur. Therefore, cryptographic implementations should be designed to remain secure even if partial information is revealed for instance, by ensuring that key recovery requires an infeasible number of traces even under leakage. This mindset mandates regular penetration testing focused on side-channels, red-team exercises, and having an incident response plan for when a novel side-channel vector is discovered.

## 7. Discussion and Future Directions

The fight against side-channel attacks is evolving, not ending. One hard-learned lesson stands clear: side channel resistance is not a feature to be bolted on, but a fundamental property that must be

woven into a system's fabric from the start. Whether dealing with classic RSA or new lattice-based algorithms, the root cause is the same computation is a physical act. Effective defense, therefore, demands an integrated view, combining hardware design, meticulous software practice, and thoughtful system architecture. There is no silver bullet; only a layered defense can hope to manage the risk.

New challenges are emerging on this landscape. Post-quantum cryptography, for all its mathematical novelty, introduces fresh implementation headaches. The complex arithmetic of algorithms like Kyber and Dilithium with their polynomial multiplications and data-dependent sampling steps creates rich new sources of leakage that we are only beginning to map. Meanwhile, the push to deploy these heavier algorithms on resource-constrained IoT devices creates a stark tension; the very countermeasures needed to secure them (like high order masking) may be too costly in power and performance for a sensor or smart lock.

Furthermore, the computing environments we rely on are becoming more hostile. Cloud and multi-tenant systems turn shared hardware caches and processors into a broadcast system for side channel signals. While confidential computing technologies promise isolation, they have repeatedly been shown to leak through microarchitectural seams, proving that logical isolation is not a physical barrier.

A significant shift is the rise of machine learning in this domain. ML is a powerful dual use tool. [14]

For attackers, it automates the extraction of subtle signals from noisy power traces, lowering the skill barrier for sophisticated attacks. For defenders, it offers potential for real time anomaly detection flagging unusual power signatures that might indicate an active probe. However, the advantage often leans toward the attacker, who can train models offline with copious data, while defenders must operate in real-time with less context.

Critical research gaps hinder progress. We lack robust, scalable tools for formally verifying that code is truly constant-time across different processors. Standardized testing methodologies for evaluating the side-channel resistance of PQC implementations are still in their infancy. Perhaps most importantly, we lack good economic models to guide decision-makers on the cost benefit trade-offs of implementing expensive hardware or software countermeasures, leaving security as an often-unquantifiable expense.

For the industry, the path forward requires a change in mindset. Security evaluations must expand beyond logical vulnerabilities to include physical security assessments that probe for side-channel leaks. Procurement and certification should demand evidence of side-channel resistance, not just algorithmic compliance. As organizations begin their transition to quantum-aware systems, they must apply equal scrutiny to the classical management and monitoring infrastructure that will surround them. In essence, the future demands hybrid threat modeling one that considers both the mathematical strength of the cipher and the physical reality of the machine running it. The next frontier of cryptographic security will be defined not just by smarter math, but by more resilient implementations.

## Conclusion

The promise of unbreakable encryption is a myth not because the math fails, but because the machine talks. This paper has argued that the most profound threat to cryptographic security isn't found in equations, but in the physics of the chip executing them. Side channel attacks exploit this unavoidable reality, "computation leaves a trace". Whether through a flicker in power consumption, a whisper of electromagnetic radiation, or a timing difference measured in nanoseconds, secret data bleeds into the observable world.

Our analysis reveals, this vulnerability is universal. From the well known paths of RSA and AES to the new frontiers of lattice based cryptography and quantum key distribution, the attack surface mutates but never disappears. Microarchitectural side-channels have shattered the illusion of hardware enforced isolation in the cloud, while "quantum-safe" algorithms arrive pre packaged with classical implementation flaws. Technological evolution does not solve this, it simply changes the attack vector.

The core takeaway is that leakage is not an anomaly; it is an inevitability of physical systems. Therefore, the goal cannot be perfect silence, but rather managed noise. Effective defense requires a layered, holistic stance what we call defense in depth. This integrates constant-time programming to flatten timing signals, masking to scatter secrets, system-level isolation to contain damage, and hardware resistance where feasible. It is a philosophy of resilience, not purity.

Ultimately, the future of trust in our digital infrastructure hinges on closing the gap between cryptographic theory and engineering practice. It demands that mathematicians, hardware engineers, and software developers collaborate to co design systems where security is baked into every layer, from the silicon up. The final encryption standard won't be a mathematical construct alone, but the demonstrated ability of a real device to keep its secrets silent.

## References

- [1] P. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems," in *Advances in Cryptology—CRYPTO '96*, vol. 1109, N. Koblitz, Ed. Berlin, Germany: Springer, 1996, pp. 104–113.
- [2] P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis," in *Advances in Cryptology—CRYPTO '99*, vol. 1666, M. Wiener, Ed. Berlin, Germany: Springer, 1999, pp. 388–397.
- [3] D. J. Bernstein, "Cache-timing attacks on AES," Dept. Math., Stat., and Comput. Sci., Univ. Illinois at Chicago, Tech. Rep., 2005.
- [4] D. Genkin, A. Shamir, and E. Tromer, "RSA key extraction via low-bandwidth acoustic cryptanalysis," in *Proc. 34th Annu. Cryptology Conf. (CRYPTO 2014)*, Santa Barbara, CA, USA, Aug. 2014, pp. 444–461.
- [5] L. Lydersen, C. Wiechers, C. Wittmann, D. Elser, J. Skaar, and V. Makarov, "Hacking commercial quantum cryptography systems by tailored bright illumination," *Nature Photonics*, vol. 4, no. 10, pp. 686–689, Oct. 2010.
- [6] I. Gerhardt, Q. Liu, A. Lamas-Linares, J. Skaar, C. Kurtsiefer, and V. Makarov, "Full-field implementation of a perfect eavesdropper on a quantum cryptography system," *Nature Communications*, vol. 2, Art. no. 349, Jun. 2011.

- [7] S. Mangard, E. Oswald, and T. Popp, *Power Analysis Attacks: Revealing the Secrets of Smart Cards*. New York, NY, USA: Springer, 2007.
- [8] National Institute of Standards and Technology, “Status report on the third round of the NIST post-quantum cryptography standardization process,” NIST IR 8413, Jul. 2022.
- [9] P. Kocher, D. Genkin, D. Gruss, et al., “Spectre attacks: Exploiting speculative execution,” in *Proc. IEEE Symp. Security and Privacy*, San Francisco, CA, USA, May 2019, pp. 1–19.
- [10] M. Lipp, M. Schwarz, D. Gruss, et al., “Meltdown: Reading kernel memory from user space,” in *Proc. 27th USENIX Security Symp.*, Baltimore, MD, USA, Aug. 2018, pp. 973–990.
- [11] P. Ravi, J. P. D’Anvers, S. Bhasin, and D. Jap, “Generic side-channel attacks on lattice-based schemes,” in *Proc. Cryptographic Hardware and Embedded Systems (CHES)*, 2022, pp. 509–531.
- [12] A. Oder, T. Pöppelmann, and T. Güneysu, “Practical power analysis attacks on lattice-based cryptography,” in *Proc. Cryptographic Hardware and Embedded Systems (CHES)*, 2018, pp. 335–357.
- [13] National Institute of Standards and Technology, “Post-quantum cryptography: Implementation considerations,” NIST IR 8425, 2023.
- [14] L. Batina, S. Bhasin, D. Jap, and S. Picek, “Machine learning in side-channel analysis: A survey,” *IEEE Trans. Information Forensics and Security*, vol. 14, no. 8, pp. 2033–2050, Aug. 2019.
- [15] D. J. Bernstein and T. Lange, “Cache-timing attacks on AES,” *Cryptology ePrint Archive*, Rep. 2007/366, 2007.