I’m using CW 5.3 on Windows 10, and am going through the different glitching tutorials, but I’m having problems getting results for the “Lab 1_1B - AES Loop Skip Fault Attack in Practice” tutorial on the STM32F3 UFO board. I simply don’t get any key_guess results, its usually just an empty array (sometimes when it’s not empty, it’s less than 16 bytes, sometimes just 1 byte).
All the tutorials leading up to that works fine, and from the “Fault 1_2 - Clock Glitching to Bypass Password” tutorial I have this collection of workable width/offset pairs:
For the AES loop skip attack I therefore use these parameters:
glitch_loc = range(180,260)
scope.glitch.clk_src = “clkgen”
scope.glitch.output = “clock_xor”
scope.glitch.trigger_src = “ext_single”
scope.glitch.repeat = 1
scope.io.hs2 = “glitch”
scope.glitch.width = 3.5
scope.glitch.offset = -12.5
I do get glitches, but the key_guess remains empty. What I do is, given the range of (180,260), if I get a glitch at say, 182, but empty key_guess, I change glitch_loc to (183,260), and so forth. I also change the width and offset slightly, but nothing better comes out of it.
Any ideas of what I could do to get good results in this tutorial?