This tutorial is a continuation from [[Tutorial CW305-1 Building a Project]]. Here, we'll use our hardware setup to find a fixed secret key that the Artix FPGA is using for AES encryption. This tutorial relies on previous knowledge from [[Tutorial B5 Breaking AES (Straightforward)]], so make sure you know how that attack works.
'''This tutorial has not yet been updated for ChipWhisperer v4. To complete this tutorial on v4, use attack_cpa.py and change'''<syntaxhighlight lang="python">
from chipwhisperer.analyzer.attacks.models.AES128_8bit import AES128_8bit, SBox_output
#...
leak_model = AES128_8bit(SBox_output)
</syntaxhighlight>'''to:'''<syntaxhighlight lang="python">
from chipwhisperer.analyzer.attacks.models.AES128_8bit import AES128_8bit, LastroundStateDiff
#...
leak_model = AES128_8bit(LastroundStateDiff)
</syntaxhighlight>
== Theoretical Background ==