When I say side channel attack, I simply main any attack outside the main channel. Here's the model:

Encrypted storage is basically the same as an encrypted communication between whoever stores the data and whoever retrieves the data. In this case, the encrypted container is the "main channel." Any information that you obtain outside the main channel, comes to you via a "side channel." This does not need to be anything as technically sophisticated as analyzing tempest emissions or even a keylogger. A popular low-tech example would be dumpster diving.

I believe that, for example, finding unencrypted fragments of 600 images on somebody's hard drive is adequate to prosecute. This does not prove what is in the encrypted container, but I do not think that is at all necessary when sufficient evidence of receipt and/or possession exists.

As to the media's statement, that is hardly conclusive. This statement, "uncovered enough evidence from Schurgard's encrypted files to charge him with 616 counts..." actually gives me the impression that they likely did not break the encryption. But I can't imagine what could possibly have taken them five years to prepare a case, unless they spent those five years sitting around waiting for a cracking machine working a dictionary attack.

This is all speculative. I do wish somebody would take enough interest in the matter to actually find out what happened.

Student