Using power measurements to learn about program flow has clear security implications, but what if we can go further than just learning about the program flow? It’s easy to imagine an algorithm where the code has the same program flow regardless of data being processed, but with a powerful technique called differential power analysis (DPA), we can learn about the data being processed by a device, even if the program flow is exactly the same.

In the previous chapter, you learned that simple power analysis uses a device’s power signature to broadly determine the operation it’s performing. ...