2003 | Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, and Pankaj Rohatgi
This paper presents a systematic investigation into the leakage of compromising information via electromagnetic (EM) emanations from CMOS devices. The authors demonstrate that EM emanations consist of multiple signals, each leaking different information about the underlying computation. They show that EM emanations can be used to attack cryptographic devices where power side-channel attacks are unavailable and even to break power analysis countermeasures.
The paper discusses the causes and types of EM signals, including direct and unintentional emanations, and the equipment required to capture and extract these signals. Experimental results illustrate various types of emanations and compare information leakages from EM and power signals. The authors find that even a single EM sensor can detect multiple compromising signals of different types and strengths, with significant amounts of compromising information found in very low-energy signals.
The paper also describes attacks using EM signals, such as simple and differential electromagnetic attacks (SEMA and DEMA), on implementations of DES, RSA, and COMP128 on smart cards, cryptographic tokens, and SSL accelerators. It outlines an approach to break fielded systems with power analysis countermeasures by exploiting "bad instructions" that leak more information in EM signals than in power signals.
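To make the DEMA step concrete, the following is an added example (not code from the paper or its authors) of a difference-of-means differential attack, in the DPA style the paper adopts for EM traces, run against simulated emanations of a DES S1 lookup. Everything about the traces is constructed: each trace is eight noise samples, and only sample 5 is assumed to carry a leak proportional to the Hamming weight of the S-box output; the 6-bit subkey 0x2B, the noise level and the trace count are likewise assumptions. The attack itself only uses the known 6-bit S-box inputs and the traces, partitions them under each of the 64 subkey hypotheses, and picks the hypothesis and time sample with the largest mean difference.

```python
"""Difference-of-means DEMA on simulated EM traces of a DES S1 lookup.

Added example, not code from the paper. The traces are constructed:
one sample leaks the Hamming weight of the S-box output, the rest is noise.
"""
import random
from statistics import mean

# DES S-box S1 (FIPS 46-3). Input is 6 bits b1..b6: row = b1b6, column = b2b3b4b5.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox1(x):
    """DES S1: 6-bit input -> 4-bit output."""
    row = (((x >> 5) & 1) << 1) | (x & 1)
    col = (x >> 1) & 0xF
    return S1[row][col]


def hamming_weight(v):
    return bin(v).count("1")


TRACE_LEN = 8      # samples per simulated trace (assumption)
LEAK_SAMPLE = 5    # the one sample where the S-box output drives the emanation (assumption)


def simulate_traces(subkey, n_traces, noise_sigma=1.0, seed=1):
    """Constructed EM traces: only sample LEAK_SAMPLE depends on the secret subkey."""
    rng = random.Random(seed)
    inputs, traces = [], []
    for _ in range(n_traces):
        x = rng.randrange(64)                       # the 6 S-box input bits the attacker knows
        trace = [rng.gauss(0.0, noise_sigma) for _ in range(TRACE_LEN)]
        trace[LEAK_SAMPLE] += hamming_weight(sbox1(x ^ subkey))
        inputs.append(x)
        traces.append(trace)
    return inputs, traces


def selection(x, key_guess):
    """Partition rule: predicted Hamming weight >= 3 is class 1, <= 1 is class 0, 2 is dropped."""
    hw = hamming_weight(sbox1(x ^ key_guess))
    if hw >= 3:
        return 1
    if hw <= 1:
        return 0
    return None


def dema(inputs, traces):
    """Return (best_guess, peak_sample, differentials[guess][sample]).

    For each subkey hypothesis the traces are split by the predicted leak and the
    per-sample mean difference is taken; the right hypothesis shows a peak at the
    leaking sample, wrong ones average the two classes together.
    """
    diffs = []
    for guess in range(64):
        hi = [[] for _ in range(TRACE_LEN)]
        lo = [[] for _ in range(TRACE_LEN)]
        for x, t in zip(inputs, traces):
            cls = selection(x, guess)
            if cls is None:
                continue
            bucket = hi if cls else lo
            for i in range(TRACE_LEN):
                bucket[i].append(t[i])
        diffs.append([mean(hi[i]) - mean(lo[i]) for i in range(TRACE_LEN)])
    best = max(range(64), key=lambda g: max(diffs[g]))
    peak = max(range(TRACE_LEN), key=lambda i: diffs[best][i])
    return best, peak, diffs


def run_attack(subkey=0x2B, n_traces=2000, noise_sigma=1.0):
    """Simulate traces for `subkey` and recover it; returns (guess, peak sample, peak height)."""
    inputs, traces = simulate_traces(subkey, n_traces, noise_sigma)
    best, peak, diffs = dema(inputs, traces)
    return best, peak, round(diffs[best][peak], 2)


if __name__ == "__main__":
    guess, peak, height = run_attack()
    print(f"recovered subkey 0x{guess:02x} at sample {peak}, differential {height}")
```

With the Hamming-weight model the correct hypothesis separates inputs into expected leak means of 3.2 and 0.8, so its differential approaches 2.4 as the trace count grows, while any wrong hypothesis mixes the classes and stays well below that; raising `noise_sigma` or lowering `n_traces` shows where the peak disappears into the noise floor.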
The authors conclude that EM side-channels are highly effective due to the presence of multiple, unintentional, information-bearing signals. They highlight the need for models and techniques to assess the net information leakage from all EM signals and discuss countermeasures to reduce signal strength and information content.