A type of side-channel attack that measures the power consumption of a secure token such as a smart card to get it to divulge information it should keep secret, such as PINs or private keys. It is generally possible only if the attacker has physical access to the cryptosystem to be analyzed. It works because different cryptographic information and operations cause different fluctuations in the power usage of the cryptographic device. For example, if a smart card stores a '1' bit in its onboard RAM, that will cause the smart card to use more power than if the card stored a '0' bit there. Similar principles apply for devices that are in operation.