I am also trying to attack a serial implementation with CW following the same tutorial. I am getting the correct Ciphertext but for some reason there is no leakage in the traces. I presume this has got something to do with the ‘crypt_start’ signal. In the example design (which is a 128 bit implementation) this signal is passed to ‘load_i’ which I think marks the start of encryption.
When I map this signal to a similar port in my design the encryption doesn’t work. Could you please tell me how did you map this signal? Also, which serial implementation did you use?
Are you using the CW305 for your target? If so the easiest way to sort this out is to adapt our basic Verilog testbench to your target (link two posts above). You want to see the top tio_trigger line going high when the encryption starts. Make sure your clocks are routed properly.
Thanks for your reply Pierre. To the best of my knowledge, the trigger is configured properly. I have already measured the same design on a different setup. The only thing that I am concerned about is the influence of ‘crypt_start’ signal. What is its function? And is it necessary to incorporate it in the design or I can create a custom signal to enable the AES core?
If you follow crypt_start in the Verilog source, you can see that it connects to the load_i input of the aes_core module, where it is used to kick off the AES operation.
There are a million ways to do this – best advice is to simulate the example target alongside your own target and verify that they behave the same way from a top black-box point of view. Alternatively, instantiate ILAs in your target and debug on the FPGA itself.