ABSTRACT
In practical scenarios however such a security model does not always hold. In fact, proving the mathematical security of an algorithm does not imply that an implementation of such algorithm is secure. Let us consider an adversary that wants to extract the secret key used by a smart card implementing a signature generation algorithm such as RSA [347]. Rather than trying to come up with a way to solve the computationally hard problem of
to extract secret key by exploiting the physical characteristics of the implementation. For instance, he might try to extract the key by reading the memory contents or even corrupting the firmware.
