As of August 2020 the site you are on ( is deprecated, and content is now at


Investigating Block Cipher Modes with DPA

6 bytes added, 14:13, 1 May 2018
== Block Cipher Modes ==
In the real world, it's a bad idea to encrypt data directly using block ciphers like AES. The goal of encryption is to produce ciphertexts that look pseudo-random: there should be no visible patterns in the output. When a block cipher is used directly, encrypting the same plaintext multiple times always results in the same ciphertext, so any patterns in the input also appear in the output. This encryption method is called the ''Electronic Code Book'' (ECB) block cipher mode.
== Firmware ==
To perform this attack, the SimpleSerial AES XMEGA firmware was modified to allow the target to use all five of these block cipher modes. The <code>encrypt()</code> function takes a new plaintext and produces the next ciphertext:
This code was compiled five times with five different values of <code>BLOCK_MODE</code>, producing five hex files (one for ECB encryption, one for CBC, etc.). All of this code is in the ChipWhisperer repository under <code>chipwhisperer\hardware\victims\firmware\simpleserial-aes-modes\</code>.
== Captures and Attack ==
To perform the attack, each of the five hex files was loaded onto the ChipWhisperer Lite XMEGA target. Then, 200 traces were captured for each block cipher mode, using a fixed key and random plaintexts. All of the NumPy data files were copied from the project folder so they could be loaded in a Python script.