As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com.

Changes

Jump to: navigation, search

Tutorial A5 Breaking AES-256 Bootloader

219 bytes removed, 13:46, 21 June 2016
Capturing the Traces: Rewrite
= Capturing the Traces =
Once the hardware is ready, we can capture some traces for our attack using the ChipWhisperer Capture software. If you somehow got to the 5th ''Advanced Tutorial'' without getting this software ready, you can follow the helpful guide at [[Installing ChipWhisperer]].
It is assumed that you've already followed In some of the guide in [[Installing ChipWhisperer]]. Thus it is assumed you are able to communicate with the ChipWhisperer Capture Rev2 hardware (or whatever capture hardware you are using). Note in particular you must have configured the FPGA bitstream in the ChipWhisperer-Capture softwareprevious tutorials, we entered all part of the description in the [[Installing ChipWhisperer]] guidecapture settings by hand== Communication Since we are civilized humans armed with the Bootloader == == Running the Capture == Capturing the traces will requires technology, we can use a special capture scriptto do all of this setup for us. This capture A pre-written Python script is given in provided at [[#Appendix A : Capture Script]]. Running this script will start the ChipWhisperer capture system up with the bootloader communications module inserted. Your attack should Take a look like at thiscode and notice what it does:* it fills in the scope, target, and trace format that we'll use;<ol style="list-style-type: decimal* it connects to the hardware;">and* it loads all of the hardware parameters for us. Nice!Copy this script into a <licode>Run the python program given in [[#Appendix A Capture Script]].py</licode>file somewhere convenient. Then, perform the following steps to finish the capture:<li><p>The ChipWhisperer # Run the capture script, which will automatically open a ChipWhisperer Capture window with everything connected for us.# Open the terminal (''Tools > Terminal'') and connect to the bootloaderboard. You should see a window that looks like thisWhile the terminal is open, where press the every time you run a ''Capture 1' ' button. A single byte of data should appear in the status terminal. This byte will update. If you see another status such as CRC Error or no response, something is not working:either be </pcode><p>[[File:capture_examplescript.png|image]]a1</pcode>(CRC failed) or <pcode>To complete the tutorial, follow these steps:a4</pcode>(CRC OK). If you see any other responses, something is wrong.<blockquote><ol style="list-style-type: decimal;"><li>Switch to # Once you're happy with this, open the ''General Settings'' tab</li><li>Change and set the number Number of traces, you Traces. You should need about around 100 traces to break AES.</li><li>Hit # Press the ''Capture Many'' button (M in a green triangle) to start record the capture process100 traces.</li><li>You will 'll see each the new trace traces plotted in the waveform displayon-screen.</li><li>You'll see # Once the trace count in program is finished capturing the status bar. Once it says ''Trace 100 done'' (assuming you requested 100 traces) , save the capture process is completeproject.</li></ol></blockquote></li><li>Finally save this project using the ''File --&gt; Save Project'' option, Put it somewhere memorable and give it any a nice name you want.</li></ol>
= Analyzing of Power Traces for Key =
Approved_users
510
edits

Navigation menu