Help with Lab 3_3 DPA on Firmware AES – Ghost Peaks and Windowing Uncertainty

Hello,

We’re currently trying to extract the correct AES key using Differential Power Analysis (DPA) on firmware implementations. Unfortunately, despite numerous attempts, we’re unable to retrieve the full correct key.

We’ve tested both crypto targets (TinyAES128C and AVRCryptoLab) and collected datasets with 2,500 and 10,000 traces for each. Our primary suspicion is that we’re running into issues with ghost peaks.

We’ve followed the windowing suggestions from the lab solution, but we’re unsure which graph to use to determine the cycle offset and sample begin values. Specifically:

We’ve experimented with a wide range of offsets and sample begin values, but the best result we’ve achieved so far is 13/16 correct key bytes.

So our questions are:

  • Which graph should we be using to determine the cycle offset and sample begin?
  • How do we decide which peak to consider? How “tall” does a peak need to be for it to be meaningful or worth zooming in on?
  • Are there any additional tips to deal with ghost peaks more effectively?

We’d really appreciate any advice or clarification. Thanks in advance!

So we’ve tried a bunch of different settings for the cycle offset and sample beginning, but the best results we’re getting are still only 14 out of 16 characters recovered. But we’re still unsure which exact graph we should be using to read those numbers.

Hi, a couple of questions…
What intermediate data do you target?
Are you able to do a leakage test with known-key on your target device, or are you only able to do an attack directly?
In your first picture is the red one a ‘ghost peak’ and the green one linked to the correct key hypothesis, or the other way around?
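
Worked example for the questions above (which graph fixes the sample begin and cycle offset, how tall a peak must be, and the reply's point about a known-key leakage test). This is an added illustration written for this page, not code from the thread or from the ChipWhisperer lab, and it runs on constructed traces rather than real captures: each trace leaks the Hamming weight of the first-round S-box output of byte i at an assumed sample position LEAK_POS[i], plus Gaussian noise. The score is |Pearson r| against a Hamming-weight model (CPA-style); for a single-bit selection function (bit_model) the per-sample ranking is the same as the lab's difference-of-means, so the windowing logic carries over. N_SAMPLES, LEAK_POS, the noise level, the window half-width and the "ratio > 1.5" rule of thumb are all assumptions of this example.

```python
"""Windowed DPA/CPA on simulated AES first-round S-box leakage: a known-key
leakage test picks the window, then each byte is attacked inside it and the
winning peak is compared against the ghost-peak floor. Traces are constructed."""
import random
import statistics

def _gen_sbox():
    """Build the AES S-box: GF(2^8) inverse followed by the affine map."""
    sbox = [0] * 256
    p = q = 1                       # invariant: p * q == 1 in GF(2^8)
    for _ in range(255):            # 3 generates GF(2^8)*, so p visits every nonzero value
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q &= 0xFF         # q /= 3
        if q & 0x80:
            q ^= 0x09
        x = q ^ (q << 1) ^ (q << 2) ^ (q << 3) ^ (q << 4)         # XOR of rotations
        sbox[p] = (x ^ (x >> 8) ^ 0x63) & 0xFF
    sbox[0] = 0x63                  # zero has no inverse
    return sbox

SBOX = _gen_sbox()
HW = [bin(v).count("1") for v in range(256)]
KEY = [0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
       0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C]     # FIPS-197 sample key
N_SAMPLES = 120
LEAK_POS = [20 + 6 * i for i in range(16)]  # assumption: byte i's S-box output leaks here

def simulate_traces(key, n_traces, noise=0.5, seed=1):
    """Constructed stand-in for a capture: HW(SBOX[pt ^ k]) at LEAK_POS plus Gaussian noise."""
    rng = random.Random(seed)
    pts, traces = [], []
    for _ in range(n_traces):
        pt = [rng.randrange(256) for _ in range(16)]
        trace = [rng.gauss(0.0, noise) for _ in range(N_SAMPLES)]
        for i in range(16):
            trace[LEAK_POS[i]] += HW[SBOX[pt[i] ^ key[i]]]
        pts.append(pt)
        traces.append(trace)
    return pts, traces

def bit_model(b):
    return lambda v: (v >> b) & 1   # single-bit selection function, as in difference-of-means DPA

def correlations(pred, traces, lo, hi):
    """|Pearson r| between a per-trace prediction and every sample in [lo, hi)."""
    n, mp = len(pred), sum(pred) / len(pred)
    cp = [p - mp for p in pred]
    sp = sum(c * c for c in cp) ** 0.5
    out = []
    for s in range(lo, hi):
        col = [t[s] for t in traces]
        mc = sum(col) / n
        cc = [c - mc for c in col]
        sc = sum(c * c for c in cc) ** 0.5
        r = sum(a * b for a, b in zip(cp, cc)) / (sp * sc) if sp and sc else 0.0
        out.append(abs(r))
    return out

def leakage_test(pts, traces, key, i, model=HW.__getitem__):
    """Known-key test: the sample where byte i's targeted intermediate leaks most."""
    pred = [model(SBOX[pt[i] ^ key[i]]) for pt in pts]
    r = correlations(pred, traces, 0, N_SAMPLES)
    return max(range(N_SAMPLES), key=r.__getitem__), r

def attack_byte(pts, traces, i, lo, hi, model=HW.__getitem__):
    """Peak score of each of the 256 key-byte guesses inside the window [lo, hi)."""
    peaks = []
    for k in range(256):
        pred = [model(SBOX[pt[i] ^ k]) for pt in pts]
        peaks.append(max(correlations(pred, traces, lo, hi)))
    return peaks

def judge(peaks):
    """Best guess and how far its peak stands above the other 255 (the ghost-peak floor)."""
    order = sorted(range(256), key=lambda k: -peaks[k])
    best, second = order[0], order[1]
    rest = [peaks[k] for k in order[1:]]
    floor, spread = statistics.mean(rest), statistics.pstdev(rest)
    return {"guess": best, "peak": peaks[best], "runner_up": peaks[second],
            "ratio": peaks[best] / peaks[second], "z": (peaks[best] - floor) / spread}

def recover_key(pts, traces, known_key, half_width=2):
    """Whole flow: leakage test with the known key -> window per byte -> attack in the window."""
    recovered, windows = [], []
    for i in range(16):
        pos, _ = leakage_test(pts, traces, known_key, i)
        lo, hi = max(0, pos - half_width), min(N_SAMPLES, pos + half_width + 1)
        windows.append((lo, hi))
        recovered.append(judge(attack_byte(pts, traces, i, lo, hi))["guess"])
    return recovered, windows

if __name__ == "__main__":
    pts, traces = simulate_traces(KEY, 300)
    rec, wins = recover_key(pts, traces, KEY)
    print("sample begin:", wins[0][0], " cycle offset between bytes:", wins[1][0] - wins[0][0])
    print("recovered", sum(a == b for a, b in zip(rec, KEY)), "/ 16 key bytes")
    for name, (lo, hi) in (("window", wins[0]), ("full trace", (0, N_SAMPLES))):
        j = judge(attack_byte(pts, traces, 0, lo, hi))
        print(f"byte 0, {name}: guess={j['guess']:#04x} peak={j['peak']:.2f} "
              f"runner-up={j['runner_up']:.2f} ratio={j['ratio']:.2f} z={j['z']:.1f}")
```

The graph to read the window from is the known-key one: leakage_test() correlates the trace against the intermediate computed with the known key, so its peak gives the sample begin for byte 0 and the distance between consecutive bytes' peaks gives the cycle offset. Whether a peak is "tall enough" is not an absolute height but a comparison against the other 255 guesses over the same window: judge() reports the ratio to the runner-up and a z-score against the wrong-guess floor. Because the floor is a maximum over every sample in the window, it rises as the window widens (the full-trace run in main shows a higher floor and smaller margin than the five-sample window, even though this clean simulation still lands on the right byte). On real captures, replace simulate_traces with the lab's trace array and plaintexts, and treat a ratio near 1 or a z under about 4 as "undecided": narrow the window around the known-key peak or add traces before trusting the byte.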