This shows you the differences between two versions of the page.
sasc:laboratoare:07 [2015/02/24 23:28] 127.0.0.1 external edit |
sasc:laboratoare:07 [2017/04/11 22:22] (current) marios.choudary |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Laboratorul 07. ===== | + | ===== Lab 07 - Correlation Power Analysis ===== |
+ | In this lab we'll implement a side-channel attack known as **Correlation Power Analysis**. | ||
+ | You can see some details for how to implement this in the lecture notes | ||
+ | [[https://ocw.cs.pub.ro/courses/_media/sasc/laboratoare/sasc_curs8_sca.pdf|here]] | ||
+ | |||
+ | The principle is quite simple: | ||
+ | - Choose your target (generally the S-box output of some block cipher - in our case AES) | ||
+ | - Obtain a large number (thousands) of leakage samples for that target, when processing different plaintexts | ||
+ | - Choose a suitable leakage model (usually the hamming weight of the target value) | ||
+ | - For each possible key candidate (e.g. all values from 0 to 255), compute [[http://en.wikipedia.org/wiki/Pearson_product-moment_correlation_coefficient || Person's correlation coefficient]] between the leakage model estimate for that key candidate and the leakage traces. | ||
+ | - Decide for the key that gives maximum correlation | ||
+ | |||
+ | |||
+ | We'll discuss more in detail at the lab. | ||
+ | |||
+ | In this lab we shall use Matlab or Octave (MATLAB is preferred for speed reasons): | ||
+ | |||
+ | [[http://www.gnu.org/software/octave/ | Octave main page]] | ||
+ | [[http://wiki.octave.org/Octave_for_Windows | Download link for Windows]] | ||
+ | |||
+ | |||
+ | You might also need these additional packages: | ||
+ | |||
+ | [[http://sourceforge.net/projects/octave/files/Octave%20Windows%20binaries/ | Link for additional packages]] | ||
+ | |||
+ | Use these files as starting point: | ||
+ | {{:sasc:laboratoare:lab6.zip|}} | ||