As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com.

Difference between revisions of "Tutorial CW305-2 Breaking AES on FPGA"

From ChipWhisperer Wiki
Jump to: navigation, search
(Theoretical Background)
Line 13: Line 13:
  
 
= Capture Setup =
 
= Capture Setup =
- Reference last tutorial
+
The hardware and software setup was completed in the previous tutorial. If you haven't completed it, finish [[Tutorial CW305-1 Building a Project]] first.
- Mention what the default settings are
+
 
- Look at one trace (especially for the length)
+
Most of the capture settings are similar to the standard ChipWhisperer scope settings. However, there are a couple of interesting points:
- Explain that there's little leakage
+
 
- Set up for 5000 traces
+
* We're only capturing 250 samples, and the encryption appears to be finished in less than 60 samples with an x4 ADC clock. This makes sense - as we mentioned above, our AES implementation is probably computing each round in a single clock cycle.
- Capture many
+
* We're using EXTCLK x4 for our ADC clock. This means that the FPGA is outputting a clock signal, and we aren't driving it.
 +
 
 +
Other than these, the last interesting setting is the number of traces. By default, the capture software is ready to capture 5000 traces - many more than were required for software AES! It is difficult for us to measure the small power spikes from the Hamming distance on the last round: these signals are dwarfed by noise and the other operations on the chip. To deal with this small signal level, we need to capture many more traces.
 +
 
 +
Once you're ready, save your project and click Capture Many to record 5000 traces.
  
 
= Analysis =
 
= Analysis =
Line 25: Line 29:
 
- Change leakage to HD
 
- Change leakage to HD
 
- Results
 
- Results
 +
 +
= Suggestions =
 +
  
  
 
{{Template:Tutorials}}
 
{{Template:Tutorials}}
 
[[Category:Tutorials]]
 
[[Category:Tutorials]]

Revision as of 13:29, 16 January 2017

This tutorial is a continuation from Tutorial CW305-1 Building a Project. Here, we'll use our hardware setup to find a fixed secret key that the Artix FPGA is using for AES encryption. This tutorial relies on previous knowledge from Tutorial B5 Breaking AES (Straightforward), so make sure you know how that attack works.

Theoretical Background

During this tutorial, we'll be working with a hardware AES implementation. This type of attack can be much more difficult than a software AES attack. In the software AES attacks, we needed hundreds or thousands of clock cycles to capture the algorithm's full execution. In contrast, a hardware AES implementation may have a variety of speeds. Depending on the performance of the hardware, a whole spectrum of execution speeds can be achieved by executing many operations in a single clock cycle. It is theoretically possible to execute the entire AES encryption in a single cycle, given enough hardware space and provided that the clock is not too fast. Most hardware accelerators are designed to complete one round or one large part of a round in a single cycle.

This fast execution may cause problems with a regular CPA attack. In software, we found that it was easy to search for the outputs of the s-boxes because these values would need to be loaded from memory onto a high-capacitance data bus. This is not necessarily true on an FPGA, where the output of the s-boxes may be directly fed into the next stage of the algorithm. In general, we may need some more knowledge of the hardware implementation to successfully complete an attack.

In our case, let's suppose that every round of AES is completed in a single clock cycle. Recall the execution of AES:

AES Encryption.png

Here, every blue block is executed in one clock cycle. This means that an excellent candidate for a CPA attack is the difference between the input and output of the final round. It is likely that this state is stored in a port that is updated every round, so we expect that the Hamming distance between the round input and output is the most important factor on the power consumption. Also, the last round is the easiest to attack because it has no MixColumns operation. We'll use this Hamming distance as the target in our CPA attack.

Capture Setup

The hardware and software setup was completed in the previous tutorial. If you haven't completed it, finish Tutorial CW305-1 Building a Project first.

Most of the capture settings are similar to the standard ChipWhisperer scope settings. However, there are a couple of interesting points:

  • We're only capturing 250 samples, and the encryption appears to be finished in less than 60 samples with an x4 ADC clock. This makes sense - as we mentioned above, our AES implementation is probably computing each round in a single clock cycle.
  • We're using EXTCLK x4 for our ADC clock. This means that the FPGA is outputting a clock signal, and we aren't driving it.

Other than these, the last interesting setting is the number of traces. By default, the capture software is ready to capture 5000 traces - many more than were required for software AES! It is difficult for us to measure the small power spikes from the Hamming distance on the last round: these signals are dwarfed by noise and the other operations on the chip. To deal with this small signal level, we need to capture many more traces.

Once you're ready, save your project and click Capture Many to record 5000 traces.

Analysis

- Load project - Most default settings are fine - Change leakage to HD - Results

Suggestions