In this section of the code -
# Example - capture 'h' - end with newline '\n' as serial protocol expects that
trace_h = cap_pass_trace("h\n")
print(trace_h)
START SOLUTION
cw.plot(cap_pass_trace("h\n")) * cw.plot(cap_pass_trace("a\n"))
END SOLUTION
Q1. The graph shown in the image is overlapping perfectly, but in my case it's not overlapping.
Q2. Why should it even overlap, when the first character that I am sending is "h" and the second character is "a"? Both values are different.
Q3. The first graph is the power trace for "h" and the second one is for "a". So the graphs will obviously be different, and ideally they should not overlap.
Q4. If the comparison is being done between the password verification logic in the firmware and the characters that are being sent, it makes sense that it will overlap so that I can get the correct value. But in this case I am just capturing the power traces of "h" and then "a".
Kindly help me out; I am not understanding the concept. What exactly is happening, and what is being compared to what, and how?
Can you either show or point more specifically what you refer to as “overlapping perfectly” in our notebook? And show or better describe how your own results differ?
To answer your other questions, what we are trying to show here is that the target firmware takes a different execution path when it receives a correct password letter, compared to when it receives an incorrect letter. The execution paths diverge, and so the power traces diverge.
Hi, thanks for the reply. So I am trying to replicate the overlap,
but I do not see that in the graph that is getting plotted.
Code:
trace_h = cap_pass_trace("h\n")
trace_a = cap_pass_trace("a\n")
cw.plot(trace_h) * cw.plot(trace_a)
Also, as per my understanding on exactly what is happening,
The device compares real characters.
The attacker observes execution behavior through power traces.
Overlap happens when execution is identical. Depending on the Password_compare function.
Differences appear when execution path changes.
The correct guess causes more work → longer trace.
In this case, let's suppose "h", which is the correct character, takes up 2 operations and then returns back to the loop and then performs another 2 operations and performs break; as the 2nd character was not correct.
But in the case of "a", which is the wrong character, it will still do the first 2 operations and then, as it's wrong, will execute the break; operation and then exit from the loop.
So for "h" → 4 operations happened and then break;
but for "a" → only 2 operations happened and break;
Until the first 2 operations I should see an overlap in the graph, but every time I am capturing the trace and plotting the graph my data is not overlapping.
Please do confirm if my understanding is correct.
Requesting help.
I am using the hardware → ChipWhisperer Lite + UFO board + STM32F (F303)
It looks like you have not connected the “measure” port; you are measuring only noise.
You need to connect an SMA cable from the CW-lite’s measure port to the SMA connector on the CW308 UFO board.
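The divergence described in the replies above, as an added example that is not part of the original thread or the ChipWhisperer notebook: a toy model of an early-exit compare that follows the "2 operations per character" picture from the question, plus a repeat-capture check that exposes a noise-only measurement such as the disconnected measure port. The password, power levels and function names are constructed assumptions.

```python
import math
import random

SECRET = "hunter"   # constructed password; only the leading "h" comes from the thread
SAMPLES = 60        # constructed trace length
START, COMPARE, EXIT = 0.3, 0.8, -0.6   # constructed power level per kind of work

def model_trace(guess, rng, connected=True, noise=0.02):
    """Toy power trace of an early-exit password compare (a model, not a capture)."""
    ideal = [START] * 10                     # identical start-up work for every guess
    for i, s in enumerate(SECRET):
        ideal += [COMPARE, COMPARE]          # two operations per compared character
        if i >= len(guess) or guess[i] != s:
            break                            # mismatch: the loop exits early
    ideal += [EXIT] * 4                      # work done after the loop
    ideal += [0.0] * (SAMPLES - len(ideal))  # idle until the capture ends
    if not connected:
        ideal = [0.0] * SAMPLES              # measure port open: no signal at all
    return [v + rng.gauss(0, noise) for v in ideal]

def first_divergence(a, b, threshold=0.2):
    """Index of the first sample where two traces differ by more than threshold."""
    for i, (x, y) in enumerate(zip(a, b)):
        if abs(x - y) > threshold:
            return i
    return None

def pearson(a, b):
    """Pearson correlation coefficient of two equal-length traces."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    return cov / math.sqrt(sum((x - ma) ** 2 for x in a) * sum((y - mb) ** 2 for y in b))

def repeatability(connected, rng):
    """Correlation of two captures of the same input; near 0 means noise only."""
    return pearson(model_trace("h", rng, connected), model_trace("h", rng, connected))

if __name__ == "__main__":
    rng = random.Random(1)
    h, a = model_trace("h", rng), model_trace("a", rng)
    print("h vs a diverge at sample", first_divergence(h, a))
    print("same input, connected:   r =", round(repeatability(True, rng), 3))
    print("same input, noise only:  r =", round(repeatability(False, rng), 3))
```

On real hardware the same sanity check applies before comparing guesses: capture the same input twice and confirm the two traces line up.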
Oh, thanks a lot. But I believe that information was not provided in the course notebook.
Is there anything else that I need to do apart from just connecting the SMA cable?