As of August 2020 the site you are on ( is deprecated, and content is now at


Jump to: navigation, search

Tutorial A5 Breaking AES-256 Bootloader

37 bytes added, 19:05, 5 November 2017
13th Round Key
# Resynchronize the traces, see the separate 'Preprocessing' tutorial (NB: only in slides right now!)
{{warningbox|Make sure you get a nice aligned last section of the traces, as in the above below figure. You may need to adjust the "input window" or "reference points" slightly. If you do not see the nice alignment the remaining attack will fail! [[File:A5_pp_resync_end.png|400px]]}}
The next step is to program our own leakage model. The following Python code models the Hamming weight model of the 13th round S-box:
Approved_users, bureaucrat, administrator

Navigation menu