My partner and I are undergraduate students working on executing a differential power analysis (DPA) attack on a Sasebo GIII (Sakura X) FPGA performing AES-128bit encryption. We have been following your forums and using them in conjunction with the “Power Analysis Attacks” textbook to understand how these attacks are performed and to develop my experimental setup. We wanted to create this post in order to help other followers of your forum to understand the theory behind the attack and also for us to get your verification with our thought process. I have attached the word file of the report explaining our procedure.
At the moment we have captured 15,000 waveforms and have only been successful with obtaining byte 1 of the key. We are not sure if there is an issue with our theoretical approach or if it is simply a coding error in our program (we checked it several times). Could you possibly give us some feedback? Some of the other bytes (3, 10, and 12) have dominant peaks, but in the wrong location.
We broke all 16 bytes with 15,000 traces!! The issue was the inverse shift operation. When you create a 4x4 matrix in AES you must index the bytes along the columns (rather than the rows as we did in the document) and then perform the shift right operations. If anyone has any questions about the process, feel free to contact us and hopefully we will get back to you.