understanding traces and algorithms


I am trying to “investigate” into the different attack methods chipwhisperer utilizes in order to crack the keys.

So far what i have understood that chipwhisperer uses methods or programs listed under attack --> aes128 --> hardware model. is there any documentation for these attacks or the source code?

Appreciate the help :smiley:

Hi Erin!

ChipWhisperer is totally open-source, so you can look at the source code for the attacks to help you figure out what’s going on. However, this might not be a great place to start - it’s hard to understand what’s happening from the code alone.

The ChipWhisperer Wiki has a lot of helpful tutorials and explanations of side channel attacks. You might be interested in the CPA theory page and the manual CPA attack tutorial.

Of course, let us know on here if you need more info!

Hi Gdeon,

I went through the tutorials, i am trying to “modify” the attacks for learning about them and trying to attack other implementations. i did go through the code and it was overwhelming, i then went through some of the tutorials and was able to understand much part of it.
Now, i’m trying to change the code to adapt to my target device, but i dont think im able to find the scripts that are running under the hardware model. is there documentation on that or am i missing something?

really appreciate the response.


The analyzer has a CPA algorithm that finds the correlation between the power traces and some “leakage model”. This leakage model is some intermediate value that’s used in the algorithm. For example, one leakage model is to calculate the SubBytes output for a certain key and plaintext.

CPA attacks are pretty generic, so if you’re using an ordinary AES-128 implementation then you should be able to just use what’s already there. If not, the existing leakage models are in chipwhisperer/software/chipwhisperer/analyzer/attacks/models. For example, AES128_8bit.py has a bunch of classes like

class SBox_output(AESLeakageHelper):
    name = 'HW: AES SBox Output, First Round (Enc)'
    c_model_enum_value = 1
    c_model_enum_name = 'LEAK_HW_SBOXOUT_FIRSTROUND'
    def leakage(self, pt, ct, key, bnum):
        return self.sbox(pt[bnum] ^ key[bnum])

If you want to make your own leakage model, copy one of these classes and change the leakage() function to do something else. There isn’t much more documentation around yet - sorry!

This helps… Appreciate the help.


Thanks for the previous response. I have another silly question.
How does the chipwhisper store / import traces.
I mean when I capture traces for DPA attacks and save the results, so the results get stored as an array / linked list / database of points, plain text input and time ?

If so, can I modify them for traces obtained though other sources.

What I’m trying to achieve is to correct some of the traces so that they align with each other. For some reason the traces that I get are not consistent. I saw a tutorial by Colin on “fixing” this situation, however I do not see the same with the new version of software. Am I missing something ?

The ChipWhisperer software uses project files to store traces. These project files point to different data files, which are just NumPy arrays filled with plaintexts, keys, traces, etc. You can see an example of how to work with these files in Tutorial B6.

You should be able to re-align traces in the analyzer (this is called “resynchronization”). For example, take a look at this section of tutorial. Is this what you’re trying to do?