Masked AES implementation code or file

I want to capture the power traces of a masked AES implementation from the ATmega328P and the SAKURA-G respectively to carry out some experiments. Where could I get the corresponding code or files that I can load into them and then capture the traces?

Best,
David

I have the same problem

I haven’t tried it and don’t know its current state, but a masked AES implementation was contributed a while back by @jmichel, I think:

To pull it in, go to hardware/victims/firmware/crypto/ and run:
git submodule update --init secAES-ATmega8515/

I’ve also adapted the ARM implementation (normally targeting an STM32 MCU but it can be compiled for all ARM targets). But I hadn’t got the time to finish the pull request. Shame on me :slight_smile:

I’ll try to go back on it soon-ish if there’s interest for it.

Hey jmichel,

Any chance that pull request was ever completed? :slight_smile:

I believe https://github.com/ANSSI-FR/SecAESSTM32/tree/3b9ed68a4576255636634ec539079476cd5bbc92 is the library Jean-Michel was working on adapting.

Sorry for the delay.

Indeed I’ve been working on 3 implementations of masked/bitsliced AES for Cortex-M:

The two implementations from ANSSI (the one for AVR and the one for Cortex-M4) have configurable masks (AVR expects 2 configuration bytes followed by a 16-byte mask and the ARM implementation expects either a 16-byte or a 32-byte mask). The other 2 implementations generate the mask internally using an RNG and I’m trying to keep the implementations upstream as pristine as I can. In the case of a “real” target, the mask wouldn’t be known anyway.

To support all this, I started a series of PRs on GitHub. The first one is there to support variable-length commands, which is required for setting the masks.

Once this is merged, I’ll create more pull requests to add the implementations into the firmware directory.
Since the last two implementations require a change in the HAL to start the platform RNG as well as having a get_rand(), they won’t be supported by all platforms yet (I’ve worked on and tested K82F, nRF52840 and STM32F4 so far).

For the experiments I’m running I started maintaining a repository of pre-compiled firmware for the simpleserial_aes program: https://github.com/jmichelp/chipwhisperer-firmware
I need to finish a few commits and I’ll recompile them soon (the RIOU and KNARFRANK implementations were broken when I last compiled them).