Bachelor Thesis on Side-channel Power analysis

Hello!
We are two students currently writing our bachelor thesis on Side-channel power analysis.
Our goal is to attack two MCUs using CW, preferably the bootloader. We have no prior experience with CW or SCA as a concept. We have gone through a few of the tutorials on Side-channel power analysis using the STM32F3 as the target device. But we’re not sure how to proceed from here. We’re looking for beginner-friendly advice on either how to attack our MCUs (TMS570 and TMS320) directly or how to compare the schematics and datasheets of the STM32 and our MCUs and theoretically prove that an attack is possible.

Best Regards

Hi,

There’s actually a lot of situational decision making and reverse engineering work that goes into doing a real SCA attack. So long as you don’t care too much about being too invasive, here’s some basic setup that should work:

Hardware (assuming invasive shunt resistor measurement):

  1. Shunt resistor between the power supply and the Vcc pins of the chip. Ideally, you want to target only the power pin that supplies the operations you’re interested in (core voltage, crypto module supply)
  2. No decoupling capacitors on the low side of the shunt resistor
  3. A connection between the ChipWhisperer’s measurement port and the low side of the shunt resistor
  4. A trigger for the ChipWhisperer’s ADC. This one’s pretty specific to what the device is doing.
  5. A shared clock between the ChipWhisperer and the device. This one’s optional, but highly recommended as it vastly improves data collection
  6. Any other required electrical connections between the two devices (ground, communication lines, etc.).

Device operation:

  1. The device has to be manipulating the secret data
  2. You need to either know or actively be able to manipulate input or output data from the cryptographic core. What data you need to know/manipulate depends on the mode the crypto algorithm is being used in, as well as potentially where the crypto leaks information. Hardware AES often leaks pretty good data from the Hamming distance between the input and output of the last round, for example.

We’ve just released an online training course that would cover a lot of what you’re asking, available at https://learn.chipwhisperer.io/courses/power-analysis-101. It’s got some pretty comprehensive information and some examples of mounting side channel attacks against real devices, including what sort of reverse engineering and data collection work you need to do.

Alex
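The "Hamming distance between input and output of the last round" point in the reply above is the part that turns into code once traces are captured, so here is a worked correlation power analysis (CPA) using that model. This is an added example written for this thread, not code from the post author or from the ChipWhisperer project. It assumes a hardware AES with a single 128-bit state register holding the column-major AES state, so that byte j of the ciphertext came from register position SHIFT_SRC[j] via ShiftRows (that index table is the assumption; a different datapath would change it). The traces are simulated (the register toggle count plus Gaussian noise), because a real device is not available on the page; on hardware you would replace simulate_traces with the ciphertexts and the chosen sample point of your ChipWhisperer captures. The attack recovers the round-10 key; turning that into the master key means inverting the key schedule, which is not shown.

```python
import math
import random

# ---- AES S-box, generated (GF(2^8) inverse + affine map) rather than transcribed ----

def _gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def _gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254; yields 0 for a == 0, as AES defines it."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = _gf_mul(r, a)
        a = _gf_mul(a, a)
        e >>= 1
    return r

def _sbox_entry(x: int) -> int:
    b = _gf_inv(x)
    s = b
    for i in range(1, 5):                      # affine map: b ^ rotl(b,1..4) ^ 0x63
        s ^= ((b << i) | (b >> (8 - i))) & 0xFF
    return s ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]
INV_SBOX = [0] * 256
for _x, _s in enumerate(SBOX):
    INV_SBOX[_s] = _x

# ASSUMPTION: column-major 4x4 state in one register; SHIFT_SRC[j] is the register
# position that ShiftRows moved into ciphertext byte j during the last round.
SHIFT_SRC = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]

def hamming_weight(x: int) -> int:
    return bin(x).count("1")

def last_round_hd(ct: bytes, j: int, key_guess: int) -> int:
    """Hypothetical leakage for byte j of the round-10 key.

    Last round is SubBytes -> ShiftRows -> AddRoundKey, so
    ct[j] = SBOX[S9[SHIFT_SRC[j]]] ^ K10[j]. Undoing it gives the round-9 state byte
    that sat at register position SHIFT_SRC[j]; that register byte then switched to
    ct[SHIFT_SRC[j]]. The Hamming distance of the switch is the modelled leakage.
    """
    st9 = INV_SBOX[ct[j] ^ key_guess]
    st10 = ct[SHIFT_SRC[j]]
    return hamming_weight(st9 ^ st10)

def simulate_traces(key10: bytes, n_traces: int, noise_sigma: float = 1.0, seed: int = 0):
    """CONSTRUCTED stand-in for captured data: ciphertexts of random plaintexts are
    uniform, so random bytes are drawn directly; each 'trace' is one sample equal to
    the whole register's toggle count plus Gaussian measurement noise."""
    rng = random.Random(seed)
    cts, traces = [], []
    for _ in range(n_traces):
        ct = bytes(rng.getrandbits(8) for _ in range(16))
        toggles = sum(last_round_hd(ct, j, key10[j]) for j in range(16))
        cts.append(ct)
        traces.append(toggles + rng.gauss(0.0, noise_sigma))
    return cts, traces

def _pearson(xs, ys) -> float:
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sxx = syy = 0.0
    for x, y in zip(xs, ys):
        dx, dy = x - mx, y - my
        sxy += dx * dy
        sxx += dx * dx
        syy += dy * dy
    if sxx == 0.0 or syy == 0.0:               # constant hypothesis or flat trace
        return 0.0
    return sxy / math.sqrt(sxx * syy)

def cpa_byte(cts, traces, j: int):
    """Return (best key guess, |correlation|) for round-10 key byte j.
    abs() is used because the measurement polarity (shunt side, probe) is unknown."""
    best_k, best_r = None, -1.0
    for k in range(256):
        hyp = [last_round_hd(ct, j, k) for ct in cts]
        r = abs(_pearson(hyp, traces))
        if r > best_r:
            best_k, best_r = k, r
    return best_k, best_r

def recover_last_round_key(cts, traces, byte_indices=range(16)):
    return [cpa_byte(cts, traces, j)[0] for j in byte_indices]

def recover_from_simulation(key10: bytes, n_traces: int = 1500, noise_sigma: float = 1.0,
                            seed: int = 7, byte_indices=range(16)):
    cts, traces = simulate_traces(key10, n_traces, noise_sigma, seed)
    return recover_last_round_key(cts, traces, byte_indices)

if __name__ == "__main__":
    key10 = bytes(range(0x10, 0x20))           # constructed round-10 key for the simulation
    recovered = recover_from_simulation(key10)
    print("true K10     :", key10.hex())
    print("recovered K10:", bytes(recovered).hex())
```

On a real capture the single "sample" per trace becomes a window of samples, and cpa_byte is run per sample point, taking the point where the correct guess peaks; that peak search is also how you find out whether the device leaks at all, which is the question asked in the original post about the TMS570 and TMS320.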