How to attack 9 th round of my AES ?

Dear All,

I am really confused, I have used the template attack in order to attack the first and last round(10th round) key of my AES.
I have used this tutorial: … ate_Attack

ButI don’t have a good results. Now I need to attack the 9th round. But I am ot sure about my entry.

For the 1st round: Random Keys+Plaintexts
For the 10th round round: Random Keys+Ciphertexts

Firstly, the random keys that I have used for the first round and the last round are the same:

So I am not sure about that choice?

Now what about the 9th round ? What Must I use? Which ciphertexts ? and which keys?

I would be grateful if you could help me.
Thanks in advance.


The short answer is that you should be able to use the same traces. The traces remain the same it is the attack that you are performing on the traces that changes. That said the information needs to be present in the traces so it might be needed to change the offset/length to make sure you are capturing the operation you wanted)

The code for the last round attack can be found
here and states that the leakage model used is HD (Hamming distance that is better suited for hardware AES implementation). If you have a pure software implementation you might needs to change something there…