I want to capture the power traces of masked AES implementation from the Atmega328p and the SAKURA-G respectively to carry out some experiments. Where could I get the corresponding codes or files that I can load into them and then capture the traces.
Iāve also adapted the ARM implementation (normally targeting a STM32 MCU but it can be compiled for all ARM targets). But I hadnāt got the time to finish the pull-request. Shame on me
Iāll try to go back on it soon-ish if thereās interest for it
The two implementations from ANSSI (the one for AVR and the one for Cortex-M4) have configurable masks (AVR expects 2 configuration bytes followed by 16-byte mask and ARM implementation expects either 16-byte or 32-byte mask). The other 2 implementations generate the mask internally using an RNG and Iām trying to keep the implementations upstream as pristine as I can. In the case of a ārealā target, the mask wouldnāt be known anyway.
To support all this, I started a series of PR on Gtihub. The first one is there to support variable length commands, which is required for setting the masks.
Once this is merged, Iāll create more pull requests to add the implementations into the firmware directory.
The last two implementations requiring a change in the HAL to start the platform RNG as well as having a get_rand(), they wonāt be supported by all platforms yet (Iāve worked on and tested K82F, nRF52840 and STM32F4 so far).
For the experiments Iām running I started maintaining a repository of pre-compiled firmware for the simpleserial_aes program: https://github.com/jmichelp/chipwhisperer-firmware
I need to finish a few commits and Iāll recompile them soon (the RIOU and KNARFRANK implementation were broken when I last compiled them).
They all use the standard Chipwhisperer ASCII UART protocol.
So the usual commands are:
k[hex-encoded-key] to set the encryption key
p[hex-encoded-plaintext] to set the plaintext
r to get the results.
The firmware for ANSSI SecAESSTM32 needs another command to work:
m[mask_length][mask_value] to set the mask where mask_length indicates the length (hex-encoded, 2 hex chars) of the mask. Supported values for the length are 13 (19-byte mask to protect the AES algorithm only) and 26 (38-byte mask to protect both the AES algorithm and the keysheduling). mask_value is the mask to be used, hex-encoded.