Hi all,
I have a really strange use case, but have been racking my head looking for a solution. I am currently trying to take manual power traces of the cw308 -XMEGA target with an oscilloscope. Below is a single trace taken:
Blue is the trace, red is the output of TRIG/TIO4 (rising edge on left, falling edge on right)
What I do not understand is the trace does not appear like a regular aes trace at all, it looks more like a cw capture with no SMA cable attached… Is there some kind of post processing on this signal or something else I am not aware of?
One quality of my setup that may throw if off a little is that I am still using the cwlite to communicate with the target (I didn’t want to implement simple serial).
Any ideas?
Thanks
I count just seven distinct levels, so maybe your gain is much too low, or your scope probe isn’t connected properly? Or maybe your scope isn’t set to AC coupling? (you’re interested in measuring the tiny variations in a somewhat large DC signal, so AC coupling is what you want)
And no, ChipWhisperer doesn’t do any processing on the signal; what you get from CW are raw ADC samples.
Jean-Pierre
Thanks for the information!
I tuned the scope settings and received a much better looking signal
However it still differs from a “normal” looking CW capture, such as this one:
Would you say the capture is sufficient for power analysis? I would think so, but given how different these charts appear, I’m not sure.
There’s one way to find out! Run an attack.
The 10 AES rounds are visible on your trace. The black & wrhite image is zoomed in on a single AES round. If you zoom in on your capture you may see something similar, but this will depend on a lot of factors – the AES implementation, the compiler and its settings, and the target itself.
Jean-Pierre
