I implemented a CPA on an AES implementation called Dust-AES. Per my assignment I added some dummy functions to the C implementation and the CPA obviously fails to find any leakage or correlation. I had the idea to measure “to the right” of the original measurement. I need to implement an offset for the trace measurement somehow. How and where do I correctly use it? I know that having more measurements is better. So how can I know how many measurements I have taken and how can I do more measurements?
Use scope.adc.offset = X to delay the sample capture by X samples.
If the start of the AES operation is simply shifted by a fixed number of samples, then shifting by the appropriate number of cycles will result in the attack running just as well as it originally did.
To find the new start of the AES operation, you can increase the number of samples; you can also simply move trigger_high in the firmware.
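An added example, not part of the original posts or of the ChipWhisperer code base: for the fixed-shift case described in the answer, one way to find the new start is to slide a short reference trace from the unmodified firmware over a longer capture from the modified firmware and take the best-correlating position as the value for scope.adc.offset. The function names and the trace data are constructed for illustration.

```python
import math
import random

def pearson(a, b):
    """Pearson correlation of two equal-length sample lists."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va and vb else 0.0

def find_offset(reference, long_trace):
    """Slide reference over long_trace; return (best_offset, best_score)."""
    best_off, best_r = 0, -1.0
    for off in range(len(long_trace) - len(reference) + 1):
        r = pearson(reference, long_trace[off:off + len(reference)])
        if r > best_r:
            best_off, best_r = off, r
    return best_off, best_r

def make_constructed_traces(shift, ref_len=200, total=1000, seed=1):
    """Constructed stand-in data, not a real capture.

    reference:  the AES pattern as seen with the original firmware.
    long_trace: a longer capture where unrelated dummy-function activity
                precedes the same pattern, which now starts at `shift`.
    """
    rng = random.Random(seed)
    pattern = [rng.gauss(0, 1) for _ in range(ref_len)]
    reference = [p + rng.gauss(0, 0.05) for p in pattern]
    long_trace = [rng.gauss(0, 0.3) for _ in range(total)]
    for i, p in enumerate(pattern):
        long_trace[shift + i] = p + rng.gauss(0, 0.05)
    return reference, long_trace

if __name__ == "__main__":
    ref, long_trace = make_constructed_traces(shift=350)
    offset, score = find_offset(ref, long_trace)
    print(f"best match at sample {offset} (r={score:.3f})")
    # On the capture hardware the result would then be applied as:
    #   scope.adc.offset = offset
```

A low best score means the reference pattern was not found in the longer capture, so the capture window should be widened before trusting the offset.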