diff --git a/doc/sphinx/hwmultitarget.rst b/doc/sphinx/hwmultitarget.rst index af66775b6..113df819b 100644 --- a/doc/sphinx/hwmultitarget.rst +++ b/doc/sphinx/hwmultitarget.rst @@ -1,10 +1,10 @@ .. _hwmultitarget: MultiTarget Victim Board -======================================== +======================== Layout of the Board --------------------- +------------------- The general board layout is shown in the following image: @@ -16,14 +16,14 @@ Specifics of each section will be discussed next. .. _6pin: The 6-Pin Headers -------------------- +----------------- A core feature of the MultiTarget board is the 6-pin shunt header, allowing you to select choice of shunt type, noise measurement, differential measurement, and glitch injection. The layout of the 6-pin header is typically as follows, but be aware that VCC & GND may be swapped, see the silkscreen on the PCB: .. figure:: /images/6pin-fig1.png - + The *output* is always the middle row, and VCC/GND is above/below this row. Note that depending on the layout the 6-pin header may be rotated, or VCC/GND swapped. @@ -38,7 +38,7 @@ Using a jumper, you can measure the *noise* on the VCC or GND line for example: Or select to measure the power across either the VCC or GND shunts: .. figure:: /images/6pin-fig2.png - + Measuring power across the VCC shunt. The side closest to the Device Under Test (DUT) will always be the 'shunt connection' as above. @@ -56,12 +56,12 @@ a standard 50-ohm termination of the pulse generator output. Be sure to only attach a jumper to a SINGLE target on the multi-target board. This can otherwise cause serious problems as some parts are 3.3V only, and some parts have the ability to handle 5V supplies. This warning will be highlighted again when looking at the jumper selection for the SmartCard device. - + .. _vref: Target Voltage Selection --------------------------- +------------------------ The target devices are typically 3.3V only, however the smartcard socket can operate at 5V when running in pass-through mode. To accomplish this the 'VREF' pin is set to the operating voltage of the targets, and all IO lines (e.g. the serial @@ -78,7 +78,7 @@ together if e.g. you shunt the 'EXT' supply from the SmartCard onto the 3.3V sup .. figure:: /images/multitarget_power.jpg Routing of power to targets. Note if using the AVR or XMEGA targets, JP20 which selects the IO reference voltage must - be set to **INT.** to ensure correct operation. + be set to **INT.** to ensure correct operation. .. warning:: @@ -89,7 +89,7 @@ together if e.g. you shunt the 'EXT' supply from the SmartCard onto the 3.3V sup .. _clocksel: Oscillator Selection & Net ---------------------------- +-------------------------- By default, the board ships with a 7.3728 MHz and 3.579 MHz crystal oscillator. These devices are capable of generating a 3.3V logic-level oscillator signal. There is also a DIP pinout, which you could mount a standard 8-DIP or 14-DIP sized oscillator onto. The oscillator section is shown below, where a series of jumpers can connect these oscillators to the **CLKOSC** net. @@ -98,7 +98,7 @@ onto. The oscillator section is shown below, where a series of jumpers can conne Clock routing on the MultiTarget board -The AVR target and SmartCard target have local clock networks you can choose to connect the correct clock source to. Normally the +The AVR target and SmartCard target have local clock networks you can choose to connect the correct clock source to. Normally the usage of these jumpers is to route an oscillator of choice (7.37MHz for AVR, 3.579MHz for SmartCard) to the local clock network. This local clock network is also routed back to the FPGA. The following shows such an example for the DIP AVR, although similar settings could be used on the SmartCard: @@ -116,7 +116,7 @@ The XMEGA has differing setup of clock selection, which is described in more det .. _20pin: 20-Pin Target Header ----------------------- +-------------------- The 20-pin target header can connect to the ChipWhisperer Hardware, a breakout board, or the Papilio Pro adapter. The 20-pin header has the following pinout: @@ -153,7 +153,7 @@ Number Name Dir Description drive this pin. If using the breakout board **do not** mount the voltage selection jumper. AVR Target Section ----------------------- +------------------ A 28-pin DIP socket can hold one of the following AVRs: AtMega8, AtMega48, AtMega88, AtMega168, and AtMega328P. Note that many of these devices are available in various 'flavours' such as the AtMega88A or AtMega88P, which are pin-compatible and effectively the @@ -171,17 +171,17 @@ same for our application. Some information on this target: * JP2, JP3, Q1, C6, and C7 can be used to mount an external crystal and connect to the XTAL pins on the AVR Triggering Notes -"""""""""""""""""""""" +"""""""""""""""" All external trigger lines use the PORTC port, which is also the ADC. This is done because the digital drivers for PORTC actually come from the AVCC pin and **not** the VCC pin. Thus any transitions on the PORTC lines do not generate as large a spike in the power measurements -compared to similar transitions on PORTB/PORTD. +compared to similar transitions on PORTB/PORTD. * The trigger line is connected to PORTC.0, and there is no jumper to isolate it. If using another target you must **remove the 28-pin AVR from the socket**. * JP25 is the extra connection pins, which connect to PORTC and are also the ADC inputs to the AVR. 'Pin1' on JP25 is the top-most pin (e.g. closest to JP17), and the mapping of those pins is: - + ========== ========== JP25 Pin AVR Pin ========== ========== @@ -194,13 +194,13 @@ compared to similar transitions on PORTB/PORTD. ========== ========== Programming Notes -"""""""""""""""""""""" +""""""""""""""""" * The AVR In Circuit Programming (ISP) pins are always connected to the ISP connections (MOSI/MISO/SCK/RESET) on the 20-pin header. If you wish to program the 28-pin DIP, ensure that all jumpers on JP8 are removed. If you wish to program the SmartCard, you need to remove the 28-pin AVR from the socket, as there is no way to isolate the programming lines of the 28-pin DIP except for removing the device. Warnings -""""""""""""""""""""""" +"""""""" .. warning:: You MUST set jumper JP20 to **INT.** to ensure the IO standards on the RXD and TXD lines are 3.3V. @@ -212,7 +212,7 @@ Warnings present anyway). Do not forget to clear JP1 when removing the AVR. XMEGA Target Section ---------------------- +-------------------- An ATXMEGA16A4 device is mounted on the target board. Note that since the device is soldered down, jumpers are provided which are able to electrically isolate the device from the rest of the board when you are not using the XMEGA. Some notes on the XMEGA device: @@ -225,10 +225,13 @@ electrically isolate the device from the rest of the board when you are not usin * JP11 connects to pin PORTC.3, which is the TXD (output) on the XMEGA. * When not using the AVR remove these jumpers to isolate the AVR from the shared serial connections. * JP13 is the 'Trigger' connection on the XMEGA, which connectors to PORTA.0. This is one of the analog pins as well. -* JP19 connects pin PORTD.7 to the FPGAIN clock network. PORTD.7 is the output pin from the XMEGA so you can syncronize to +* JP19 connects pin PORTD.7 to the FPGAIN clock network. PORTD.7 is the output pin from the XMEGA so you can synchronize to the internal RC oscillator. * JP15 is the two XTAL/CLK pins on the XMEGA. If you want to route an external clock to the XMEGA, you can do so by running a jumper wire from a suitable source (e.g. one of the FPGAOUT pins or the oscillators) to the XMEGA. +* Using the 'CLKOUT' net from the XMEGA seems to cause excessive noise on the shunt resistor, which causes analysis to fail. It's + recommended to jumper the clock oscillator into the XTAL1 pin on JP15. Future revisions of this board will have a clock jumper + to simplify this. The XMEGA is programmed via the PDI interface, and the PDI pins on the XMEGA connect to the 20-pin target header. @@ -236,7 +239,7 @@ The XMEGA is programmed via the PDI interface, and the PDI pins on the XMEGA con The XMEGA is a 3.3V only device. Always remove **ALL** jumpers from the XMEGA section when not using the device, as there can be a somewhat complicated connection of jumpers. It is not sufficient to just remove the 'PWR' jumper for example. - + .. warning:: Ensure JP20 is set to **INT.** so that the serial bus lines will drive a 3.3V logic level when using the XMEGA. @@ -244,26 +247,26 @@ The XMEGA is programmed via the PDI interface, and the PDI pins on the XMEGA con .. _smartcard: SmartCard Target Section -------------------------- +------------------------ TODO Pass-Thru/SASEBO-W Adapator -"""""""""""""""""""""""""""" +""""""""""""""""""""""""""" .. warning:: It is completely possible to use the **EXT.** IO voltage, allowing the ChipWhisperer to interface with 5V SmartCards. Before doing this follow all warnings in section :ref:`vref`, or you may **DESTROY THE CHIPWHISPERER DEVICE** by shunting the external power supply onto internal 3.3V rails. - -See :ref:`sasebowmultitarget`. - + +See :ref:`sasebowmultitarget`. + Low Noise Amplifier --------------------- +------------------- Two 20dB Low Noise Amplifiers (LNA) are mounted on the board. When connecting to standard oscilloscopes, they can be used -to amplify very small signals coming from a shunt resistor or H-Field probe. +to amplify very small signals coming from a shunt resistor or H-Field probe. The LNA chain is shown in the following figure: diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/analysisrunning.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/analysisrunning.png new file mode 100644 index 000000000..a436cc376 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/analysisrunning.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_fullworking.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_fullworking.png new file mode 100644 index 000000000..86e818bde Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_fullworking.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_working.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_working.png new file mode 100644 index 000000000..f62ac7929 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/capture1_working.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/customscript.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/customscript.png new file mode 100644 index 000000000..289a1dddd Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/customscript.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/fastdraw.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/fastdraw.png new file mode 100644 index 000000000..68ec353bc Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/fastdraw.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/gocommand.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/gocommand.png new file mode 100644 index 000000000..ef397fc95 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/gocommand.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/results_output.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/results_output.png new file mode 100644 index 000000000..1232864c3 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/results_output.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/slength.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/slength.png new file mode 100644 index 000000000..858a47161 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/slength.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/traces.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/traces.png new file mode 100644 index 000000000..de99fd450 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/traces.png differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegajumpers.jpg b/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegajumpers.jpg new file mode 100644 index 000000000..4c2492931 Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegajumpers.jpg differ diff --git a/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegarxtx.png b/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegarxtx.png new file mode 100644 index 000000000..92a4779dc Binary files /dev/null and b/doc/sphinx/images/tutorials/advanced/ilyaxmega/xmegarxtx.png differ diff --git a/doc/sphinx/tutorialilyaxmega.rst b/doc/sphinx/tutorialilyaxmega.rst new file mode 100644 index 000000000..cf1fd7ee8 --- /dev/null +++ b/doc/sphinx/tutorialilyaxmega.rst @@ -0,0 +1,295 @@ +.. _tutorialilyaxmega: + +Tutorial #A6: Replication of Ilya Kizhvatov's XMEGA Attack +========================================================== + +This tutorial will demonstrate how the ChipWhisperer system can be used to replicate published +academic research findings. In this case we will attempt to recreate an attack published by +Dr. Ilya Kizhvatov, which was performed against the AES implementation in the Atmel XMega device. + +If using hardware-accelerated cryptography in your design, it is useful to understand possible +vulnerabilities to side-channel power analysis attacks. It must be **strongly** cautioned that there +are many published attacks against other hardware crypto accelerators: the XMega device is likely +about as secure as any other general-purpose hardware crypto accelerator (i.e. one without explicit +side-channel resistance). + +Within Atmel's product line alone some devices *do* mention side-channel analysis resistance. Thus +when designing an embedded product, it's up to the designer to understand why they should care about +side-channel analysis resistance, and to select an appropriate device if they need to defend against +such an attack. + +Background +---------- + +As a reference, you will need a copy of Dr. Kizhvatov's paper entitled "Side Channel Analysis of +AVR XMEGA Crypto Engine", published in the Proceedings of the 4th Workshop on Embedded Systems Security. +If you have access to the ACM Digital Library (most likely because you are part of a university), you +can read this paper on the `ACM Digital Library `_. + +Otherwise, you can read this paper as part of Chapter 4 of Dr. Kizhvatov's `PhD Thesis `_, +starting around page 77 of that PDF file. + +Setting up the Hardware +----------------------- + +This tutorial uses the :ref:`hwcapturerev2` hardware along with the :ref:`hwmultitarget` +board. Note that you **don't need hardware** to complete the tutorial. Instead you can +download `example traces from the ChipWhisperer Site `__, +just look for the traces titled *XMEGA: AES128 Hardware Accelerator (ChipWhisperer Tutorial #A6)*. + +This example uses the XMEGA Device. You can see instructions for programming in the +:ref:`installing` section, this tutorial assumes you have the programmer aspect working. + +The Multi-Target board should be plugged into the ChipWhisperer Capture Rev2 via the 20-pin target cable. The *VOUT* SMA connector is +wired to the *LNA* input on the ChipWhisperer-Capture Rev2 front panel. The general hardware setup is as follows: + + 1. 20-Pin Header connects Multi-Target to Capture Hardware + 2. VOUT Connects to SMA Cable + 3. SMA Cable connects to 'LNA' on CHA input + 4. USB-Mini connects to side (NB: Confirm jumper settings in next section first) + +Jumpers on the Multi-Target Victim board are as follows: + + .. image:: /images/tutorials/advanced/ilyaxmega/xmegajumpers.jpg + + 1. NO jumpers mounted in AVR Portion (JP1,JP4-6,JP28) or SmartCard Portion. Note if your multi-target board does not + have JP28, the TRIG jumper for the AVR, you will have to remove the AVR from the socket. + 2. 3.3V IO Level (JP20 set to INT.) + 3. The 7.37 MHz oscillator is selected as the CLKOSC source (JP18) + 4. The CLKOSC is routed to the FPGAIN pin (requires jumper wire on JP17), along with routed to XTAL1 pin of XMEGA + (requires jumper wire to JP4/JP15). + 5. The TXD & RXD jumpers are set on the XMEGA portion (JP5, JP6) + 6. The TRIG jumper is set on the XMEGA portion (JP13) + 7. The PWR jumper is set on the XMEGA portion (JP14) + 8. Power measurement taken from VCC shunt (JP12) + + For more information on these jumper settings see the XMEGA section of :ref:`hwmultitarget`. + + +Building/Programming the XMEGA Target +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +As described in :ref:`installing`, you'll need to configure the AVR-GCC compiler. Assuming you have this setup, you can run ``make`` in the directory +``chipwhisperer\hardware\victims\firmware\xmega-serial``, which should give you an output like this:: + + Size after: + AVR Memory Usage + ---------------- + Device: atxmega16a4 + + Program: 4572 bytes (22.3% Full) + (.text + .data + .bootloader) + + Data: 369 bytes (18.0% Full) + (.data + .bss + .noinit) + + -------- end -------- + +Using either AVRStudio or AVRDude, program the XMega16A4 device (it is connected to the programmer built into the ChipWhisperer) with the resulting +simpleserial.hex file. + +Running the Capture +^^^^^^^^^^^^^^^^^^^ + +1. Close & reopen the capture software (to clear out any previous connection which may be invalid). +2. From the *Project* menu elect the *Example Scripts* and then *ChipWhisperer-Rev2: SimpleSerial Target* + + .. image:: /images/tutorials/basic/aes/runscript.png + +3. The script will automatically connect to the capture hardware and run 2 example traces. They will not yet work on the XMega as additional setup is + required. You must switch the RX/TX pins: + + .. image:: /images/tutorials/advanced/ilyaxmega/xmegarxtx.png + +4. Run a 'Capture 1', you should confirm the encryption algorithm is working: + + .. image:: /images/tutorials/advanced/ilyaxmega/capture1_working.png + +5. Switch from software to hardware crypto. To do this change the 'Go' command to ``h$TEXT$\n``: + + .. image:: /images/tutorials/advanced/ilyaxmega/gocommand.png + +6. Finally, set the offset to 1500, and number of samples to only 1000: + + .. image:: /images/tutorials/advanced/ilyaxmega/slength.png + +7. Confirm you now get something like this with a 'capture 1': + + .. image:: /images/tutorials/advanced/ilyaxmega/capture1_fullworking.png + +8. To complete the tutorial, follow these steps: + + 1. Switch to the *General Settings* tab + 2. Change the number of traces to 3000. + 3. Hit the *Capture Many* button (M in a green triangle) to start the capture process. + 4. You will see each new trace plotted in the waveform display. + 5. Wait until the capture is complete. + +4. Finally save this project using the *File --> Save Project* option, give it any name you want. + +Analyzing of Power Traces +------------------------- + +As in the :ref:`tutorialaes256boot` tutorial, we will be using the Python script file to override the provided HW model. This will allow us to implement +the model given by Kizhvatov for performing the CPA attack. + +Remember that when you change settings in the GUI, the system is actually just automatically adjusting the attack script. You could modify the attack script +directly instead of changing GUI settings. Every time you touch the GUI the autogenerated script is overwritten however, so it would be easy to lose your +changes. As an example here is how setting the point range maps to an API call: + + .. image:: /images/tutorials/advanced/aes256/autoscript1.png + +We will first automatically configure a script, and then use that as the base for our full attack. + +1. Open the Analyzer software + +2. From the *File --> Open Project* option, navigate to the `.cwp` file containing the capture of the + power usage. This can be either the aes128_xmega_hardware.cwp file downloaded, or the capture + you performed. + +3. View the trace data as before, which should look something like this: + + .. image:: /images/tutorials/advanced/ilyaxmega/traces.png + +4. Set the 'Reporting Interval' to 50 or 100. We can change this later through the script. + +4. We are now ready to insert the custom data into the attack module. On the *General* tab, make a copy of the auto-generated script. Do so by clicking + on the autogenerated row, hit *Copy*, save the file somewhere. Double-click on the description of the new file and give it a better name. Finally + hit *Set Active* after clicking on your new file. The result should look like this: + + .. image:: /images/tutorials/advanced/ilyaxmega/customscript.png + +9. You can now edit the custom script file using the built-in editor OR with an external editor. In this example the file would be ``C:\Users\Colin\AppData\Local\Temp\cw_testilya.py``. + +The following defines the required functions to implement, you should refer to the academic paper for details of the correlation model:: + + # Imports + from chipwhisperer.analyzer.attacks.models.AES128_8bit import getHW + + def AES128_HD_ILYA(pt, ct, key, bnum): + """Given either plaintext or ciphertext (not both) + a key guess, return hypothetical hamming weight of result""" + + #In real life would recover this one at a time, in our case we know entire full key, so we cheat to make + #the iterations easier + knownkey = [0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c] + + if pt != None: + s1 = pt[bnum-1] ^ knownkey[bnum-1] + s2 = pt[bnum] ^ key + + #We subtract 8 as way measurements are taken a higher current results in a lower voltage. Normally this + #doesn't matter due to use of absolute values. In this attack we do not use absolute mode, so we simply + #"flip" the expected hamming weight, which results in the correlation changing signs. + + return 8-getHW(s1 ^ s2) + + elif ct != None: + raise ValueError("Only setup for encryption attacks") + else: + raise ValueError("Must specify PT or CT") + +10. Add the above function to your custom script file. + +11. Change the ``setAnalysisAlgorithm`` to use your custom functions byt making the following call, see the full script in the Appendix:: + + self.attack.setAnalysisAlgorithm(CPAProgressive,chipwhisperer.analyzer.attacks.models.AES128_8bit, AES128_HD_ILYA) + +12. Adjust the attack bytes to *NOT* attack the first byte, as our hacked script will not work with it:: + + self.attack.setTargetBytes([1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]) + +13. We want to disable 'absolute mode', where by default the absolute value of the CPA attack is taken. We can do this by adding + a call to `self.attack.setAbsoluteMode(False)` before the return statement, for example:: + + self.attack.setPointRange((0,996)) + self.attack.setAbsoluteMode(False) + return self.attack + +14. Run *Start Attack* as before! Wait for the attack to complete, which should show the key (except for the first byte) being + recovered: + + .. image:: /images/tutorials/advanced/ilyaxmega/analysisrunning.png + +15. At this point you can also look at the output values, which one can compare to the shape of the values published in the paper: + + .. image:: /images/tutorials/advanced/ilyaxmega/results_output.png + + For more detailed plotting, turn off the 'Fast Draw' option: + + .. image:: /images/tutorials/advanced/ilyaxmega/fastdraw.png + + You can also use the 'GUI Override' on the byte highlighting to change the highlighted byte. + + +Appendix A: Full Attack Script +------------------------------ + +Here is the full attack script:: + + # Based on Ilya Kizhvatov's work, published as "Side Channel Analysis of AVR XMEGA Crypto Engine" + from chipwhisperer.common.autoscript import AutoScriptBase + #Imports from Preprocessing + import chipwhisperer.analyzer.preprocessing as preprocessing + #Imports from Capture + from chipwhisperer.analyzer.attacks.CPA import CPA + from chipwhisperer.analyzer.attacks.CPAProgressive import CPAProgressive + import chipwhisperer.analyzer.attacks.models.AES128_8bit + #Imports from utilList + + # Imports + from chipwhisperer.analyzer.attacks.models.AES128_8bit import getHW + + def AES128_HD_ILYA(pt, ct, key, bnum): + """Given either plaintext or ciphertext (not both) + a key guess, return hypothetical hamming weight of result""" + + #In real life would recover this one at a time, in our case we know entire full key, so we cheat to make + #the iterations easier + knownkey = [0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c] + + if pt != None: + s1 = pt[bnum-1] ^ knownkey[bnum-1] + s2 = pt[bnum] ^ key + + #We subtract 8 as way measurements are taken a higher current results in a lower voltage. Normally this + #doesn't matter due to use of absolute values. In this attack we do not use absolute mode, so we simply + #"flip" the expected hamming weight, which results in the correlation changing signs. + + return 8-getHW(s1 ^ s2) + + elif ct != None: + raise ValueError("Only setup for encryption attacks") + else: + raise ValueError("Must specify PT or CT") + + class userScript(AutoScriptBase): + preProcessingList = [] + def initProject(self): + pass + + def initPreprocessing(self): + self.preProcessingList = [] + return self.preProcessingList + + def initAnalysis(self): + self.attack = CPA(self.parent, console=self.console, showScriptParameter=self.showScriptParameter) + self.attack.setAnalysisAlgorithm(CPAProgressive,chipwhisperer.analyzer.attacks.models.AES128_8bit,AES128_HD_ILYA) + self.attack.setTraceStart(0) + self.attack.setTracesPerAttack(2999) + self.attack.setIterations(1) + self.attack.setReportingInterval(50) + self.attack.setTargetBytes([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]) + self.attack.setKeyround(0) + self.attack.setDirection('enc') + self.attack.setTraceManager(self.traceManager()) + self.attack.setProject(self.project()) + self.attack.setPointRange((0,996)) + self.attack.setAbsoluteMode(False) + return self.attack + + def initReporting(self, results): + results.setAttack(self.attack) + results.setTraceManager(self.traceManager()) + self.results = results + + def doAnalysis(self): + self.attack.doAttack() diff --git a/doc/sphinx/tutorialsadvanced.rst b/doc/sphinx/tutorialsadvanced.rst index 2a98fc130..d014b0d34 100644 --- a/doc/sphinx/tutorialsadvanced.rst +++ b/doc/sphinx/tutorialsadvanced.rst @@ -11,6 +11,7 @@ Advanced Tutorials tutorialglitchvcc tutorialsadtrigger tutorialaes256boot + tutorialilyaxmega