{{Warningbox|This tutorial is an add-on to [[Tutorial A5 Breaking AES-256 Bootloader]]has been updated for ChipWhisperer 5 release. It continues working on If you are using 4.x.x or 3.x.x see the same firmware, showing how to obtain the hidden IV and signature "V4" or "V3" link in the bootloader. '''It is not possible to do this bonus tutorial without first completing the regular tutorial''', so please finish Tutorial A5 firstsidebar.}}
''This {{Infobox tutorial is under construction! Check back in a few days.''|name = A5: Breaking AES-256 Bootloader|image = |caption = |software versions =|capture hardware = CW-Lite, CW-Lite 2-Part, CW-Pro|Target Device = |Target Architecture = XMEGA/Arm|Hardware Crypto = No|Purchase Hardware = }}
= Background =<!-- To edit this, edit Template:Tutorial_boilerplate -->== AES in CBC Mode ==* Repeat of theory from tutorial{{Tutorial boilerplate}}
== The IV ==* Suggest some ideas== The Signature ==* Timing attack* Show firmwareJupyter file: '''PA_Multi_1-Breaking_AES-256_Bootloader.ipynb'''
= Exploring the Bootloader =
In this tutorial, we have the luxury of seeing the source code of the bootloader. This is generally not something we would have access to in the real world, so we'll try not to use it to cheat. (Peeking at <code>supersecret.h</code> counts as cheating.) Instead, we'll use the source to help us identify important parts of the power traces.
== Bootloader Source Code XMEGA Target ==Inside the bootloader's main loop, it does three tasks that we're interested in:* it decrypts the incoming ciphertext;* it applies the IV to the decryption's result; and* it checks for the signature in the resulting plaintext.This snippet from <code>bootloader.c</code> shows all three of these tasks:
<pre>See the following for using:// Continue with decryptiontrigger_high* ChipWhisperer-Lite Classic (XMEGA); aes256_decrypt_ecb* ChipWhisperer-Lite Capture + XMEGA Target on UFO Board (&ctx, tmp32);trigger_low();including NAE-SCAPACK-L1// Apply IV (first 16 bytesL2 users)for (i = 0; i < 16; i* ChipWhisperer-Pro ++){ tmp32[i] ^= iv[i];}XMEGA Target on UFO Board
https://Save IV for next time from original ciphertext for (i = 0; i < 16; i++){ iv[i] = tmp32[i+16];}chipwhisperer.readthedocs.io/en/latest/tutorials/pa_multi_1-openadc-cwlitexmega.html#tutorial-pa-multi-1-openadc-cwlitexmega
== ChipWhisperer-Lite ARM // Tell the user that the CRC check was okayputch(COMM_OK);putch(COMM_OK);STM32F3 Target ==
//Check See the signaturefollowing for using:if * ChipWhisperer-Lite 32-bit ((tmp32[0] == SIGNATURE1STM32F3 Target) &&* ChipWhisperer-Lite Capture + STM32F3 Target on UFO Board (tmp32[1] == SIGNATURE2) && (tmp32[2] == SIGNATURE3) && (tmp32[3] == SIGNATURE4)){ // Delay to emulate a write to flash memory _delay_ms(1);} </pre>This gives us a pretty good idea of how the microcontroller is going to do its job. However, we can go one step further and find the exact assembly code that the target will execute. If you have Atmel Studio and its toolchain on your computer, you can get the assembly file from the command line with<pre>avrincluding NAE-objdump SCAPACK-m avr -D bootloader.hex > disassembly.txt<L1/pre>L2 users)This will convert the hex file into assembly code, making it more human* ChipWhisperer-readable. The important part of this assembly code is:<pre> 344: d3 01 movw r26, r6 346: 93 01 movw r18, r6 348: f6 01 movw r30, r12 34a: 80 81 ld r24, Z 34c: f9 01 movw r30, r18 34e: 91 91 ld r25, ZPro + 350: 9f 01 movw r18, r30 352: 89 27 eor r24, r25 354: f6 01 movw r30, r12 356: 81 93 st Z+, r24 358: 6f 01 movw r12, r30 35a: ee 15 cp r30, r14 35c: ff 05 cpc r31, r15 35e: a1 f7 brne .-24 ; 0x348 360: fe 01 movw r30, r28 362: b1 96 adiw r30, 0x21 ; 33 364: 81 91 ld r24, Z+ 366: 8d 93 st X+, r24 368: e4 15 cp r30, r4 36a: f5 05 cpc r31, r5 36c: d9 f7 brne .-10 ; 0x364STM32F3 Target on UFO Board