I was wondering is it possible to use the same principle and code used in tutorial B6 to carryout a CPA on the 14th round key in the A5 tutorial?
I have used the code and the traces provided by the aes256_round1413_key0_100.cwp file . I set the numtraces to 99 and ran the script. However the first byte I received was “e7” but according to the A5 tutorial the first byte is “ea”. Also depending on the numtraces the output changes and the aes256_round1413_key0_100.cwp file only has 100 traces. Does this mean having more traces are better? if so roughly how many traces would I require?
These are different, so if you run an attack searching for the first intermediate value, you won’t find anything - the attack will just print random keys, and adding more traces will swap everything around. However, you can just change your script to use the correct intermediate value and things should Just Work ™.
By the way - the InvShiftRows step doesn’t modify the bytes in the AES state. It just swaps them around. This means that you don’t even need to add it in your attack script - all of the byte values will still be there ready for your CPA attack.