There are many secure applications in which it can be important to protect electronically stored and/or processed data. Secure applications are implemented today in many areas, including ATM cards, identification cards, stored value cards, credit cards, cellular telephones (e.g., SIM cards), computer access control, pay TV, and storage of medical information. Security for these cards and applications often rely on cryptographic computations based on secret keys embedded in the memories of the cards (or other circuitry). Attackers attempt to extract these keys from the card in order to modify the card's contents, create a duplicate card, or generate an unauthorized transaction. Active attacks leave clearly visible signs of tampering while passive attacks often do not.
In a passive attack, information is collected from the card during its normal interaction with a reader. A passive attack may be in the form of a side channel attack. A side channel attack includes deciphering the keys based on the physical implementation of the use of the card or circuitry by focusing on timing information, power consumption, electromagnetic fields, and even sound. For example, current changes (and resulting power signatures) during switching of the logic gates that form a smart card may be monitored via the power supply lines and used to decode the secret keys. This type of attack, also referred to as differential power analysis (DPA), has many negative implications for the owner of the smart card (e.g., an ATM card can be hacked and used to withdraw cash, unauthorized by the card owner, from the card owner's account). Keeping data secure and protected from side channel attacks, including DPA attacks, continues to be an important design consideration.