When I was doing my own firmware programming, I wanted to add a masking for round key to counter side-channel attacks. Since random.h is not enough to be used in firmware compilation (I tried once before to indicate that this library does not generate random numbers), I came up with the idea that it can be passed into the algorithm in the form of randomly generating additional keys, that is, the first few bits of the incoming key are the real key, and the rest are random masks that we need to use in the encryption process. As shown in the picture below:
In the two graphs above, the actual encryption key used is 16 bytes, and the remaining 128 bytes are masks.
After I have modified the corresponding encryption algorithm, the hex file can be compiled and correctly transferred to the chip. However, in the end, the following error occurred when running the capture_traces function, which makes me very confused, because the preceding are normally compiled and run.
- Did you update the
simpleserial_addcmd()
where get_key()
gets added to specify that get_key()
expects 256 bits of data instead of 128?
- When you call
cw.capture_trace()
, the key
argument is sent to the target via the k
command, and, if it has the correct argument length (256 bits in your case), calls your get_key()
function. But here your key
is 128 bits, not 256. You need to make modifications to extend key
to 256 bits.
Personally I think it would make more sense to add another simpleserial command to send the mask - to understand how just look at how in the current system, pt and key are sent separately, and add a third command to send the mask.
Thanks very much for your reply!
I have two questions:
- Why does the key need to be 256bits? Since my key length is 128bits, it works fine until I don’t add the length of the mask to enter.
- How can I add a serial command?
This is not a code problem, I already know how to add a similar command from a code point of view, for example, I can set another function get_mask()
to receive the passed mask. Then I can use add_cmd
to set an additional command keyword m
to call get_mask()
.But if I do, what would it do to the call to cw.capture_trace()
, since the function seems to be unable to pass any other parameters by default.