Consecutive key guess shows similar correlation!!!


Using the CW303 as the target with the simpleserial AES for attack (tutorial 5), I see that consecutive key guesses show similar correlation. This is not intuitive since S-box output is unique, and consecutive keys should not be dependent.

Can you please explain the reason for this anomaly (pic attached with 500 traces)? Is it something to do with the design of the AES?


Hi Ron

That’s a really interesting observation and you’re right that it’s quite unexpected. It seems to be limited to avrcryptolib (the same behaviour doesn’t appear on tiny-AES-128 running on an STM32F3, at least). It appears only for certain subkey pairs (so 16 will be strongly correlated to 17 and vice versa, but 18 and 17 are unrelated).

Sorry I couldn’t provide an explanation.


Thanks, Alex. Please let me know if you get any insight into why this is happening.