Problems in Lab 1_1B - AES Loop Skip Fault Attack in Practice

jandro345 · July 5, 2021, 9:17pm

Hello, I am using:

SCOPETYPE = ‘OPENADC’
PLATFORM = ‘CWLITEXMEGA’
CRYPTO_TARGET = ‘TINYAES128C’

I am facing problems with the tutorial Lab1_1B from fault201. There is no result trying to print the key_guess, I think the error is modifying the code of the TinyAES128 or choosing parameters for the attack.

At first, I didn´t have to modify nothing because the parameter volatile was included in the code.

![image|690x387](upload://1rR4FwzBlt93jo9HOwi8LIQXbEM.png)

After that, i continued with the tutorial, i got the last scope,

This is the code to get the scope and the scope zoomed.

I chose the range 200-300 to glitch. These are the other parameters I use:

scope.glitch.width = 2.75
scope.glitch.offset = -12.9

After that, I tried the next part of the tutorial, and I have the first warning, it doesn´t glitch at any point, so I don´t get any trace. This is the code:

The following part of the tutorial seems to work, I get this trace twice:

Finally, I don´t get any result in key_guess.

Thank you for reading.

jandro345 · July 13, 2021, 6:36pm

I still have the same problem, I have tried differents parameters for the glitch, maybe i am wrong with the range to glitch, but i can´t understand where ends the last round.

Roy · April 6, 2022, 6:15pm

Hi!
I’m stuck with the same problem (LITEXMEGA).
Did you find the correct parameters?

TNX

dixiao1 · November 12, 2023, 4:01am

you maybe can choose the parameter belows
glitch_loc = range(671, 700)
and
scope.glitch.width = 5.1
scope.glitch.offset = -10.1

after that, I got a result, but i need to run many times, and i can not get the key_guess ,the key_guess is a empty array.

dixiao1 · November 12, 2023, 5:48am

if you are “cwLITExmega” , you can try the parameter
glitch_loc = range(440, 450)
scope.glitch.width = 5
scope.glitch.offset = -10

at the number of 440 ,i got it and i get the key.
the power trace likes that