Approved_users
510
edits
| As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com. |
Changes
→Basic Communications with the Target: Split up tutorial into more sections; minor edits
-------- end --------</pre>
= Basic Manual Communications with the Target =
At this point, you should be able to configure the target as in the tutorialtimingsimple or tutorialcommsprevious tutorials. Rather than tediously going through the setup process again, we'll simply use one of the scripts built into the ChipWhisperer-Capture software. This will demonstrate how we can use a script as a starting point to simplify our setup.
<ol style="list-style-type: decimal;">
<p>[[File:Passok.png|image]]</p></li>
<li>The system enters an infinite loop for any password entry. Thus you must reset the system, use the ''Programmer Window'' to again perform a ''Check Signature'' or ''Read Signature'' operation.</li>
<li>Enter an incorrect password - notice a different message is printed, and if using the CW-Lite XMEGA target the red LED will come on.</li></ol> = Recording Power Traces =Now that we can communicate with our super-secure system, our next goal is to get a power trace while the target is running. To do this, we'll get the power measurements to trigger after we send our password to the target. <ol style="list-style-type: decimal;"><li><p>At this point, weWe'll make some changes to the trigger setup of the ChipWhisperer. In particular, ensure you set the following:</p>
<blockquote><ul>
<li>Offset = 0</li>
<li><p>Change to the ''Target Settings'' tab, and delete the ''Command'' strings. Those strings are used in the AES attack to send a specific command to the target device, for now we will be manually sending data:</p>
<blockquote><p>[[File:Text_targetsettings.png|image]]</p></blockquote></li>
<li><p>Perform the following actions:</p>
<blockquote><ol style="list-style-type: lower-roman;">
<p>You must send the password before the timeout occurs -- you can increase the length of the timeout if needed to give yourself more time! If this works you should see the power consumption displayed in the GUI:</p>
<blockquote><p>[[File:Trace_manual_pass.png|image]]</p></blockquote></li>
<li><p>Rather than using the manual terminal, let's now use the GUI to automatically send a password try. Switching back to the ''Target Settings'' tab, write <code>h0px3\n</code> into the ''Go Command'' option:</p>
<blockquote><p>[[File:Gocorrect.png|image]]</p></blockquote>
<p>You should notice a distinct change in the password depending how many characters were correct. For example the following shows the difference between passwords of <code>h0px4</code> (which has 4 correct characters) and <code>h0paa</code> (which has 3 correct characters):</p>
<blockquote><p>[[File:3vs4.png|image]]</p></blockquote></li><li/ol> = Automatic Resets =The last step before scripting an entire attack is to figure out how to automatically reset the target device before (or after) each capture. There are two ways to do this, and the following steps take you through two examples of how to accomplish this goal.</li></ol>
== Reset via Spare IO Lines ==
