Home Computer Science Hardware Security and Trust: Design and Deployment of Integrated Circuits in a Threatened Environment

We reccommend you to proceed according to the following steps:

• 1. Plot one trace in the program you are using (MATLAB/Octave, Mathematica, etc.). Check that it is complete.
• 2. Plot several traces (e.g., 1st, 10th, 50th). Check the alignment of traces (they overlay correctly, triggering works).
• 3. Select the appropriate part of the traces (e.g., containing the first round). Read in the appropriate number of traces.
• 4. Depending on your measurements, you may have to perform a correction of mean values (if your measurements “wander” in voltage over time). You can do so by subtracting from each trace its mean value.
• 5. Recover the secret key using the DPA with correlation coefficients. The method is summarized in Sect.4.2.1.

# Training Sets

In folder Analysis you will find two sets of measurements. One set is for known key 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff, the other set is for unknown key.

4.2.3.1 Training Set for Known Key 00 11 22 33 44 55 66 77 88 99 Aa Bb Cc Dd Ee Ff

To implement and debug your program/script, we provide testing traces of 200 AES encryptions (AES 128, with 10 rounds). We encrypted 200 plaintexts (file plaintext-00112233445566778899aabbccddeeff.txt), obtaining 200 ciphertexts (file ciphertext-00112233445566778899aabbccddeeff.txt. During encryptions we measured power traces (traces-00112233445566778899aabbccddeeff.bin). Each trace has a length of 370 000 samples (in this case). Each sample is represented by 8 bit unsigned value (i.e., the length of the file is 370 000 bytes * 200 traces = 74 MB).

If your program/script is correct, then you should reveal the key 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF.

4.2.3.2 Training Set for Unknown Key

If you are successful with the set above, you may try to recover the unknown key. We made 150 AES encryptions (AES 128, with 10 rounds).

Files plaintext-unknown_key.txt and ciphertext-unknown_key.txt contain plaintexts and corresponding ciphertexts, which were produced by an AES encryption with an unknown key. File traces-unknown_key.bin stores power traces recorded during encryptions of above plaintexts. File traceLenght-unknown_key.txt contains information on trace length, i.e., 550000 samples in this case.

You can easily check whether you found correct key. Just take any plaintext from the file plaintext-unknown_key.txt, encrypt it with the key you determined by the analysis, and compare the resulting ciphertext with a corresponding ciphertext from the file ciphertext-unknown_key.txt. If the ciphertexts match, you found the correct key.

Found a mistake? Please highlight the word and press Shift + Enter

Subjects