Side channel attacks (SCA) remain among the most practical threats to cryptographic implementations, yet most evaluations are still performed on simple in order cores such as AVR or Cortex M microcontrollers. These platforms offer clean traces and predictable timing and do not reflect the complexity of modern processors. As a result, risk assessments based solely on microcontroller level studies may misjudge both attacker capabilities and the true effort required for exploitation.

Our recent work at USENIX WOOT 2025 [1], systematically evaluated AES side channel resistance on the ARM Cortex A72, a 64 bit, multi core, out of order processor running a full Linux OS. Even basic cryptographic operations suffer from heavy jitter and trace misalignment caused by multi core execution and OS activity, while high clock speeds challenge low cost measurement setups. Making the analysis work required extensive reverse engineering and repeated re-instrumentation to identify usable trigger points and expose leakage that is otherwise buried under noise and scheduling effects.

To represent realistic attacker effort, we introduced a mult-tier threat model cover threat models from basic non-profiled attacks to state of the art profiled deep learning based SCA. Results show that out of order architectures significantly increase the work needed for successful attacks, yet determined and well resourced adversaries can still recover keys within a few thousand traces. We released our traces and launched the CHES Challenge 2025 [2], which drew 34 teams and 121 submissions. Participants achieved up to a tenfold reduction in attack effort, demonstrating the value of community driven experimentation when evaluating real world SCA risk.

[1] Boyapally et al. Reality check on Side-Channels. In 19th USENIX WOOT 2025
[2] Yap et al. CHES Challenge 2025: GE Wars. https://pace-tl.gitbook.io/ches-challenge-2025.