Current-Based Side-Channel Attacks, Two Ways

Funny things happened when security researcher Roman Korkikian and electronics engineer Limpkin met. Limpkin was helping Roman figure out a current-based attack on the crypto engine inside ESP32s, which would require teasing useful signal data out of redundant noise. Limpkin offered to build two circuit boards. The first relied on a balun to separate the device under test from the amplifier stage, while the second took a different approach and literally used a shunt resistor with a few tweaks. An OPA855 low-noise op-amp, as well as a variable attenuator, was used as a preventive measure so the board wouldn’t disconnect, as it was powered by a small battery. Surprisingly, the boards turned out to be effective, cracking a range of different chips, renowned theagy as winner!