Discussions of performing power analysis, techniques, implementations, etc. Does not need to use ChipWhisperer.
#905 by Kortap
Wed Jul 06, 2016 6:34 pm
Hello Colin,

My partner and I are undergraduate students working on executing a differential power analysis (DPA) attack on a Sasebo GIII (Sakura X) FPGA performing AES-128bit encryption. We have been following your forums and using them in conjunction with the “Power Analysis Attacks” textbook to understand how these attacks are performed and to develop my experimental setup. We wanted to create this post in order to help other followers of your forum to understand the theory behind the attack and also for us to get your verification with our thought process. I have attached the word file of the report explaining our procedure.

At the moment we have captured 15,000 waveforms and have only been successful with obtaining byte 1 of the key. We are not sure if there is an issue with our theoretical approach or if it is simply a coding error in our program (we checked it several times). Could you possibly give us some feedback? Some of the other bytes (3, 10, and 12) have dominant peaks, but in the wrong location.

Thank you,
Philip and Dylan :D
Attachments
(812.5 KiB) Downloaded 56 times
#914 by Kortap
Fri Jul 15, 2016 9:56 am
We broke all 16 bytes with 15,000 traces!! The issue was the inverse shift operation. When you create a 4x4 matrix in AES you must index the bytes along the columns (rather than the rows as we did in the document) and then perform the shift right operations. If anyone has any questions about the process, feel free to contact us and hopefully we will get back to you.
#916 by coflynn
Fri Jul 15, 2016 12:11 pm
Hello,

haha sorry I just started answering forum posts today, and you already fixed it ;-)

Excellent work :) I'm very glad this was of some use to use & hope you have a lot of fun & success breaking more stuff...
#1224 by anm
Fri Mar 31, 2017 8:14 am
Kortap wrote:We broke all 16 bytes with 15,000 traces!! The issue was the inverse shift operation. When you create a 4x4 matrix in AES you must index the bytes along the columns (rather than the rows as we did in the document) and then perform the shift right operations. If anyone has any questions about the process, feel free to contact us and hopefully we will get back to you.



Can you please post the specifications or the model of the oscilloscope you used to acquire the traces?
I am particularly interested in its sampling rate.

Who is online

Users browsing this forum: No registered users and 1 guest