> From: John Anderjaska [mailto:john.anderja...@dsainc.com] > Sent: Thursday, August 28, 2014 1:24 PM > > In summary I'd say it is a glaring hole in most contemporary > security solutions.
But the type of information that could be introduced to that medium is what? Take it as given, that certain CPU instructions are prone to consume more power than other instructions, just because they activate larger areas of the chip, with a larger number of bit flips and gate propagations occurring internally, so yes, the power consumed "fluctuates according to the computation that is being performed by its processor," but does not reveal specifics of the data that is being processed. This is like watching the power consumption of a house painter painting a house with his spray gun, and based on the power fluctuations, determining what color paint he has loaded in the spray gun. Yes you can probably tell when he's painting, but no you can't determine *what* he's painting. Yes I believe an observer of the ground signal could determine "I saw a power spike between X ms and Y ms, which probably means you did something cryptographic or doing some kind of compression or decompression, or graphics rendering," but no I don't believe even remotely, that they are extracting private keys out of that signal, nor what jpg you viewed, nor what file you zip'd up, or what video you converted from H.264 to Mpeg4. All of these would be the *content* of what you were processing at the time.
