Attacking CW308T-S6LX9 FPGA target with CPA does not uncover the keys


#1

I’m using the CPA based tutorial below, but changing target to CW308T-S6LX9 FPGA. However, it does not uncover the correct keys.
Anyone tried this?

tutorial-pa-cpa-2-openadc-cwlitexmega


#2

You’ll need to use a different leakage model, as explained in the tutorial for our other FPGA target: https://github.com/newaetech/chipwhisperer-jupyter/blob/master/PA_HW_CW305_1-Attacking_AES_on_an_FPGA.ipynb

If you’re using CW5 you’ll also need to use the develop branch in order to pick up this fix.

Jean-Pierre


#3

I’m using CW5 but on Vbox VM. Is there a tutorial on how to load that fix into my VM?


#4

There is no tutorial. If you’re keen on using the VM you should be able to backport the changes without much difficulty. I don’t remember off the top of my head where the code resides inside the VM, but you can find out by running this in your Jupyter session:

import chipwhisperer as cw
cw.__file__

Having said that, I recommend installing the develop branch. Follow the instructions here.

Jean-Pierre


#5

Still not getting the correct guesses!
Here’s what I did:

I used this tutorial to capture the 5000 traces, then saved the project under a name. “tutorial-pa-cpa-2-openadc-cwlitexmega”
So the traces are captured with the scope settings in the helper scripts “Setup_Generic”.

Them I used this other tutorial, but started at the “Attack” section, set the project_file to the above name, and ran the attack.

Anything I’m not doing correctly?


#6

1- What do your traces look like? If you’re running the xmega script to capture your traces, it’s using ADC gain settings tuned to the xmega target and you likely need to adjust for the FPGA target. Always a good idea to look at your traces. You should also shorten the capture since the FPGA AES implementation takes a lot less clock cycles than the xmega.

2- What happens when your run the attack? Is it converging towards the correct key?

Jean-Pierre


#7
  1. Here’s my trace and the scope settings. The number of samples is 129.

  1. The correlation actually converges toward zero during the attack. Now remember that the leakage model is ‘last_round_state_diff’. So we’re not recovering the actual key but the key of the last AES round.
    However I’m not getting a big difference between the best correlation and the next, as shown below.

#8

Trace looks great! I have to ask: are you 100% sure that’s you’re running the fixed attack code?
If you changed the code in the VM, did you re-start the kernel after changing the code?

The way the attack works with the last_round_state_diff model is that it will show the PGE and key guess (highlighted red) for the round 10 key (e.g. not the key that you fed the FPGA). The notebook then rolls the key expansion backwards to get back to the original key.

Jean-Pierre


#9

Ya I’m pretty sure I have these changes in the VM. I restarted the VM a couple times for various reasons. So I have that in the kernel.
During the attack, the correct key (red) bounces around in out of the of the display window. Ultimately the correlation coefficients stopped in the single digit (4-6) percentage.
Anything else I can try? Any tweak to the CPA algo?


#10

I manually added 5.1.2 changes to my VM by replacing “processKnownKey” with “process_known_key” in the files given. But do I need to anything about the statement highlighted below that appears in the change header? What do I do specifically for that?

"Fix PGE calculation and known key highlighting.

This was broken for attacks which don’t target the base key, due to a
mix of process_known_key and processKnownKey. Changed all remaining
camelCase to snake_case."


#11

Hi,

I’m not sure I follow – “changed all remaining camelCase to snake_case” is what you did by replacing “processKnownKey” with “process_known_key”.

That’s not the only change in the commit however, which may be why you’re still not having success.

We released CW 5.1.3 a few weeks ago, which incorporates the fix, so just install that, no need to patch anything, and you should be good to go.

Jean-Pierre