How to perform DPA on a Sasebo GIII running AES-128

Hello Colin,

My partner and I are undergraduate students working on executing a differential power analysis (DPA) attack on a Sasebo GIII (Sakura X) FPGA performing AES-128bit encryption. We have been following your forums and using them in conjunction with the “Power Analysis Attacks” textbook to understand how these attacks are performed and to develop my experimental setup. We wanted to create this post in order to help other followers of your forum to understand the theory behind the attack and also for us to get your verification with our thought process. I have attached the word file of the report explaining our procedure.

At the moment we have captured 15,000 waveforms and have only been successful with obtaining byte 1 of the key. We are not sure if there is an issue with our theoretical approach or if it is simply a coding error in our program (we checked it several times). Could you possibly give us some feedback? Some of the other bytes (3, 10, and 12) have dominant peaks, but in the wrong location.

Thank you,
Philip and Dylan :smiley:
Forum Post - DPA.docx (812 KB)

We broke all 16 bytes with 15,000 traces!! The issue was the inverse shift operation. When you create a 4x4 matrix in AES you must index the bytes along the columns (rather than the rows as we did in the document) and then perform the shift right operations. If anyone has any questions about the process, feel free to contact us and hopefully we will get back to you.


haha sorry I just started answering forum posts today, and you already fixed it :wink:

Excellent work :slight_smile: I’m very glad this was of some use to use & hope you have a lot of fun & success breaking more stuff…

Thanks for sharing, great to see more examples like this up on github (or otherwise accessible!).



Can you please post the specifications or the model of the oscilloscope you used to acquire the traces?
I am particularly interested in its sampling rate.