Aes cpa attack : HD vs HW, implementation


#1

Hi Colin,

I am trying to understand why attack using the Hamming Distance model doesn’t success to expose the secret key, while using HW model was successful.

I am running the built-in CPA attack on AES 128 on the XMEGA target of the ChipWhisperer .
It works (exposes the key) with the default code in attack_cpa.py, which use HW model:
leak_model = AES128_8bit( SBox_output )
attack.setAnalysisAlgorithm(CPAProgressive, leak_model)
However, when I change to HD : leak_model = AES128_8bit( SBoxInOutDiff ) it doesn’t expose the key.

Where can the compiled C code/ assembly code in order to understand exactly where are the SboxInput and Sboxoutput variables are stored? are they stored in different registers? same register? are the registers reset to a 0/1 value between the clock cycles?

I would like to get information/sources about the implementation that would help me understand why using the hamming distance model doesn’t work.

Thank you in advance!
Yuval


#2

If you follow any of the tutorials that build target firmware, you should be able to find said firmware (e.g. hardware/victims/firmware/simpleserial-aes). The assembly is there for you to inspect and answer all those questions.

Jean-Pierre