As of August 2020 the site you are on ( is deprecated, and content is now at



Tutorial B11 Breaking RSA

338 bytes added, 23:42, 15 July 2017
no edit summary
Run the SPA setup script.
Under the XXX tab, leave only the "Go Command", and delete the other commands. The RSA demo does not support sending a key, and instead will use the plaintext as a fake-key.
Change the CLKGEN to be CLKGEN x1 via DCM.
If you are using Capture V3.5.2 or later, the length of time the trigger output was high is reported back to you. If you run capture-1, for example, you'll see the trigger was high for XX cycles:
This is way too long! You won't be able to capture the entire trace in your 24000 length sample buffer. Instead we'll make the demo even shorter - in our case looking at the source code you can see there is a "flag" which is set high only AFTER the first 1 is received. Thus using a fixed plaintext, change the input plaintext to be all 00's (<code>00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00</code>):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
We'll only be able to change the LAST TWO bytes, everything else will be too slow. So change the input plaintext to
[[File:B11_plaintext_setting.png|400px]]
With a bit of setup done, we can now perform a few captures.
[[File:B11_acqsetting.png|400px]]
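Why an input with 14 leading zero bytes shortens the trigger, shown as an added example that is not the demo firmware's code: a model of left-to-right square-and-multiply with the "flag" described above. The function name, the 32-bit modulus and the sample exponents are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model, not the demo firmware; names and modulus are assumed. */
struct op_count { unsigned squares, mults; };

/* Left-to-right square-and-multiply over a big-endian exponent.
 * 'flag' stays 0 until the first 1 bit, so leading zeros cost nothing. */
uint32_t modexp_flag(uint32_t base, const uint8_t *exp, size_t len,
                     uint32_t mod, struct op_count *oc)
{
    uint64_t res = 1 % mod;
    int flag = 0;
    oc->squares = oc->mults = 0;
    for (size_t i = 0; i < len; i++) {
        for (int b = 7; b >= 0; b--) {
            if (flag) {                  /* square for every bit after the first 1 */
                res = (res * res) % mod;
                oc->squares++;
            }
            if ((exp[i] >> b) & 1) {
                if (flag) {              /* extra multiply only for 1 bits */
                    res = (res * base) % mod;
                    oc->mults++;
                } else {                 /* first 1 bit: load base, set flag */
                    res = base % mod;
                    flag = 1;
                }
            }
        }
    }
    return (uint32_t)res;
}

/* Constructed samples: 16-byte input ending in AB E2, and AB E2 placed first. */
static const uint8_t EXP_TAIL[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xAB,0xE2};
static const uint8_t EXP_HEAD[16] = {0xAB,0xE2};

int main(void)
{
    struct op_count oc;
    modexp_flag(3, EXP_TAIL, 16, 1000003u, &oc);
    printf("tail: %u squares, %u multiplies\n", oc.squares, oc.mults);
    modexp_flag(3, EXP_HEAD, 16, 1000003u, &oc);
    printf("head: %u squares, %u multiplies\n", oc.squares, oc.mults);
    return 0;
}
```

With the non-zero bytes at the end, only the bits after the first 1 are processed, which is why the capture fits in the sample buffer; the same two bytes at the start of the input force a square for every remaining bit.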
== Acquiring Example Data ==
We record 2x traces for each sequence to provide us with a 'reference' trace and another 'test' trace (in case we want to confirm a template match is working without using the exact same trace).
The third trace with the <code>AB E2</code> key will be the most interesting, as we will use that to demonstrate a working attack.
To acquire the traces required in the following section perform the following:
#
== Automating Attack ==