Differences
This shows you the differences between two versions of the page.
|
sasc:laboratoare:07 [2015/02/24 23:28] 127.0.0.1 external edit |
sasc:laboratoare:07 [2017/04/11 22:22] (current) marios.choudary |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ===== Laboratorul 07. ===== | + | ===== Lab 07 - Correlation Power Analysis ===== |
| + | In this lab we'll implement a side-channel attack known as **Correlation Power Analysis**. | ||
| + | You can see some details for how to implement this in the lecture notes | ||
| + | [[https://ocw.cs.pub.ro/courses/_media/sasc/laboratoare/sasc_curs8_sca.pdf|here]] | ||
| + | |||
| + | The principle is quite simple: | ||
| + | - Choose your target (generally the S-box output of some block cipher - in our case AES) | ||
| + | - Obtain a large number (thousands) of leakage samples for that target, when processing different plaintexts | ||
| + | - Choose a suitable leakage model (usually the hamming weight of the target value) | ||
| + | - For each possible key candidate (e.g. all values from 0 to 255), compute [[http://en.wikipedia.org/wiki/Pearson_product-moment_correlation_coefficient || Person's correlation coefficient]] between the leakage model estimate for that key candidate and the leakage traces. | ||
| + | - Decide for the key that gives maximum correlation | ||
| + | |||
| + | |||
| + | We'll discuss more in detail at the lab. | ||
| + | |||
| + | In this lab we shall use Matlab or Octave (MATLAB is preferred for speed reasons): | ||
| + | |||
| + | [[http://www.gnu.org/software/octave/ | Octave main page]] | ||
| + | [[http://wiki.octave.org/Octave_for_Windows | Download link for Windows]] | ||
| + | |||
| + | |||
| + | You might also need these additional packages: | ||
| + | |||
| + | [[http://sourceforge.net/projects/octave/files/Octave%20Windows%20binaries/ | Link for additional packages]] | ||
| + | |||
| + | Use these files as starting point: | ||
| + | {{:sasc:laboratoare:lab6.zip|}} | ||
