The Warning"Device failed to ack" in SimpleSerial.set_key

Embedded Security ChipWhisperer Hardware
1

When I was doing my own firmware programming, I wanted to add a masking for round key to counter side-channel attacks. Since random.h is not enough to be used in firmware compilation (I tried once before to indicate that this library does not generate random numbers), I came up with the idea that it can be passed into the algorithm in the form of randomly generating additional keys, that is, the first few bits of the incoming key are the real key, and the rest are random masks that we need to use in the encryption process. As shown in the picture below:

F5D986F5AF6C26BB7C90AAE38F461A8B
F5D986F5AF6C26BB7C90AAE38F461A8B697×1074 92.9 KB

2A3883AA449563F6FA9767D051C114CD

In the two graphs above, the actual encryption key used is 16 bytes, and the remaining 128 bytes are masks.

After I have modified the corresponding encryption algorithm, the hex file can be compiled and correctly transferred to the chip. However, in the end, the following error occurred when running the capture_traces function, which makes me very confused, because the preceding are normally compiled and run.

8E6AE555FA293A0FEA39CB006A61E72E
8E6AE555FA293A0FEA39CB006A61E72E1092×1032 117 KB

97715509F5D64E3965010D13A1C75404
97715509F5D64E3965010D13A1C75404986×1031 117 KB

2

Someone can help me?

3
  1. Did you update the simpleserial_addcmd() where get_key() gets added to specify that get_key() expects 256 bits of data instead of 128?
  2. When you call cw.capture_trace(), the key argument is sent to the target via the k command, and, if it has the correct argument length (256 bits in your case), calls your get_key() function. But here your key is 128 bits, not 256. You need to make modifications to extend key to 256 bits.

Personally I think it would make more sense to add another simpleserial command to send the mask - to understand how just look at how in the current system, pt and key are sent separately, and add a third command to send the mask.

4

Thanks very much for your reply!
I have two questions:

  1. Why does the key need to be 256bits? Since my key length is 128bits, it works fine until I don’t add the length of the mask to enter.
  2. How can I add a serial command?
    This is not a code problem, I already know how to add a similar command from a code point of view, for example, I can set another function get_mask() to receive the passed mask. Then I can use add_cmd to set an additional command keyword m to call get_mask().But if I do, what would it do to the call to cw.capture_trace(), since the function seems to be unable to pass any other parameters by default.
5
  1. Maybe I misunderstood something but in the get_key() function in your screenshot above, you’re iterating over 32 bytes of key.
  2. You will need to customize capture_trace() in order to send other commands. Or, send the other commands before you call capture_trace().