This paper describes the first differential power and electromagnetic analysis attacks performed on a hardware implementation of an elliptic curve cryptosystem. In the same time we also compared the metrics used in differential power and electromagnetic radiation attacks. We describe the use of the Pearson correlation coefficient, the distance of mean test and the maximum likelihood test. For each metric the number of measurements needed to get a clear idea of the right guess of the key-bit is taken as indication of the strength of the metric. (C) 2007 Elsevier Ltd. All rights reserved.