I bought Chipwhisperer Lite Xmega(CW1173) recently. I want to measure the power waveform of 128bit AES with masking countermeasure, but I don’t know how to generate the program. Or is it easy to do just by rewriting the AES program that was already prepared when Chipwhisperer was installed?
There is a masked AES implementation included with ChipWhisperer. Try:
- Navigate to
chipwhisperer/hardware/victims/firmware/crypto/via bash/git bash
git submodule update --init secAES-ATmega8515
- Build simpleserial-aes as usual, but with
Thank you for your help. I was able to execute up to step 2 ,but I don’t know how to do step 3.
I’m using Jupyter to make Chipwhisperer and Xmega work. Is there any program that can be used as a reference? In particular, I don’t know how to get the mask values.
You should be able to use simpleserial-aes as usual. There’s an additional command
get_mask() that does nothing in a non-masked implementation, but I believe can be used to set the mask here. You can call it via
simpleserial_write('m', <mask>). IIRC the mask has to be 18 bytes long.
Unfortunately, I don’t really have any experience with the masked firmware, so I don’t know if I’ll be much help here.
For building the firmware, you can use the usual build command in the notebook, which should look something like:
%%bash -s "$PLATFORM" "$CRYPTO_TARGET" cd ../../../hardware/victims/firmware/simpleserial-aes make PLATFORM=$1 CRYPTO_TARGET=$2
Before running this block, set
Thank you for your help. I’m new to chipwhisperer, so I’m still struggling.
By using tutorial program(PA_CPA_1-Using_CW-Analyzer_for_CPA_Attack.ipynb) and changing TINYAES128C to MASKEDAES, I was able to collect traces, plaintexts and keys, but wasn’t able to get mask values. Should I write simpleserial_write(‘m’, ) into a Jupyter program and run it?
I think the mask value is set (initially?) by the
simpleserial_write('m', ) and perhaps randomly updated after that, but I’m not sure.
I have completed code burning and can use masks to collect power consumption, but I have no way to know how the masks are changed inside the chip, nor can I get the masks used in each encryption.There are assembly instructions in the source code, so I can’t get more information. I hope I can get your help.
Sorry, I’m not familiar with that code and I don’t know much about masking, so I can’t really help.
Thank you very much for your reply, and I will continue to work hard.