This article revisits the “Correlation Power At- tack” (CPA [18]), and justifies its physical relevance regarding CMOS circuits dissipation model. The CPA is then shown to be practical – and reproducible – on a real piece of hardware (DES co-processor.) Based on this successful at- tack, a theory about the vulnerability is derived. It happens that the attack asymptotic strength is not related to the acquisition conditions, but only to the algorithm implementation. In the case of an iterative implementation of a Feistel cipher, we show that the customarily used power models are valid. Within this theoretical framework, the attack strength depends only on the substitution boxes mathematical properties. A new distinguisher (9), more efficient than the transparency order [10], is proposed. Two enhancements of the proposed distinguisher are presented. The study of the relationship between the proposed distinguishers and the substitution boxes is still an open problem.