I implemented a CPA on an AES implementation called Dust-AES. Per my assignment i added some dummy functions to the C implmentation and the CPA obviosly fails to find any leakage or correlation. I had the idea to measure “to the right” of the original measurement. I need to implement an offset for the trace measurement somehow. How and where do I correctly use it? I know that having more measurements is better. So how can i know how many measurement i have taken and how can do more measurements?
Use scope.adc.offset = X to delay the sample capture by X samples.
If the start of the AES operation is simply shifted by a fixed number of samples, then shifting by the appropriate number of cycles will result in the attack running just as well as it originally did.
To find the new start of the AES operation, you can increase the number of samples; you can also simply move trigger_high in the firmware.
thanks for your answer! i will try this as soon as possible.
But how exactly do i change the number of samples taken?
and how does moving trigger_high affect the read out of the samples?
When the target executes trigger_high(), the IO4 pin gets set high, and this is what starts the collection of scope.adc.samples power samples. Set scope.adc.samples to what you wish.
