H-field trace with CW308 with target XMEGA

Hello,

I am trying to use the NAE-HPROBE-15 in order to capture EM traces on the ChipWhispererPro. I have run a few tests with the XMEGA target, but so far it seems the traces I get are not correct. What I have done is that I have disconnected the probe cable from the J17 connector on the CW308, and connected it to the NAE-HPROBE-15.

If I run a capture while holding the probe nowhere near the target, I typically get a noise comprising 4 different values in the traces, as shown below:

When I put the probe directly above the circuit, the trace only gets a little better, with typically 9 different values:

Is there any special configuration to make to the CW308, or am I doing something wrong?

Thanks for your help,
Quentin

Have you tried increasing the gain? The signal here will be much smaller than what you would get across the shunt.

Thanks, that helped a little. By setting the gain to the maximum value, I can distinguish some of the patterns in the AES. For example, the best I could get for the AddRoundKey is the following trace:

(Although I doubt the signal is sufficient for performing any differential attack…?)
I will try later with the stm32f1 or f3 to see if it gives better results.

Make sure you check out the information here, especially the video: CW505 Planar H-Field Probe - NewAE Hardware Product Documentation

It resembles noise rather than AES round patterns.
From my experience, I never recovered the AES key by capturing the EM traces.
It is much better to capture the power traces. At least you will be able to get reliable information to break AES.

It does not resemble noise, I can clearly see the patterns of the inner and outer iterations of the ARK, and they are aligned with the power traces.

I did a small test and ran a CPA on 1000 traces (on all the samples of the SBox for all key bytes), and all 16 key bytes were correctly found. I guess that it is sufficient to prove the efficiency of the traces…

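Added example, not code from this thread or from NewAE: a known-key leakage check of the kind that backs up the CPA result above, run on constructed traces in which one sample leaks the Hamming weight of the first-round S-box output. The same analog traces are pushed through a low-gain and a high-gain front end followed by an ADC, and for each setting it reports the peak correlation against the usual 4/sqrt(n) noise floor and the number of distinct ADC codes (the "4 different values" symptom); the leak position, key byte, noise levels and gain values are assumptions.

```python
import math, random

def aes_sbox():
    """Generate the AES S-box (inverse in GF(2^8) followed by the affine map)."""
    rotl = lambda x, n: ((x << n) | (x >> (8 - n))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3 in GF(2^8)
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q &= 0xFF        # q /= 3, so q == 1/p
        if q & 0x80: q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1: break
    sbox[0] = 0x63
    return sbox

SBOX = aes_sbox()
HW = [bin(v).count("1") for v in range(256)]

def pearson(xs, ys):
    n = len(xs); mx = sum(xs) / n; my = sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs); syy = sum((y - my) ** 2 for y in ys)
    return sxy / math.sqrt(sxx * syy) if sxx and syy else 0.0

def capture(n_traces=1000, n_samples=40, leak_at=17, key_byte=0x2B, gain=1, seed=1):
    """Constructed stand-in for an EM capture (assumed model, not measured data):
    the probe sees a tiny HW(sbox[pt ^ k]) signal plus probe-side noise, the
    front-end gain scales both, then the ADC adds its own noise and rounds to
    integer codes. The same seed gives the same analog draws for every gain."""
    rng = random.Random(seed)
    pts, traces = [], []
    for _ in range(n_traces):
        pt = rng.randrange(256)
        trace = []
        for t in range(n_samples):
            analog = rng.gauss(0, 0.3)                       # noise before the gain stage
            if t == leak_at:
                analog += 0.06 * (HW[SBOX[pt ^ key_byte]] - 4)
            code = round(gain * analog + rng.gauss(0, 0.6))  # ADC noise after the gain stage
            trace.append(max(-512, min(511, code)))          # 10-bit ADC clipping
        pts.append(pt); traces.append(trace)
    return pts, traces

def assess_leakage(pts, traces, key_byte):
    """Known-key check: correlate every sample with HW(sbox[pt ^ k]) and compare
    the peak with the ~4/sqrt(n) floor that pure noise reaches with n traces."""
    model = [HW[SBOX[pt ^ key_byte]] for pt in pts]
    corr = [abs(pearson([tr[t] for tr in traces], model)) for t in range(len(traces[0]))]
    peak = max(range(len(corr)), key=corr.__getitem__)
    return {"peak_sample": peak, "peak_corr": corr[peak],
            "noise_floor": 4 / math.sqrt(len(traces)),
            "distinct_codes": len({v for tr in traces for v in tr})}

if __name__ == "__main__":
    for gain in (1, 40):
        print("gain", gain, assess_leakage(*capture(gain=gain), 0x2B))
```

With these constants the low-gain run collapses to a handful of ADC codes and its peak correlation sits near the noise floor, while the high-gain run of the same analog traces shows the leaking sample clearly above it.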

That’s great to hear, thank you for the update!

Of course, this proves that the attack works, but the traces you shared are shrunk and there are no visible AES patterns. At least, I don’t see them.
You are lucky. As I said, I tried many times many targets but didn’t recover any key.
At the same time classic “on-wire” SCA attacks work fine.