DPA

DPA_AES_analyze_traces(plaintexts::Vector, traces::Matrix, power_estimate)

Performs a DPA attack against AES on given traces.

Arguments

• plaintexts: A vector of size N, where N is the number of power traces sampled.
• traces: A matrix of size M * N, where M is the number of samples per trace. Power traces are stored in column-major order, i.e. it is expected that traces[:,i] refers to the powertrace generated with plaintexts[i]

Returns

The recovered AES key.

DPA_AES_analyze(sample_function; N = 2^12)

Performs a DPA attack against AES, where traces are collected from a specified function.

Arguments

• sample_function: single-argument function that takes an input AES input (MVector{16, UInt8}) and returns a power trace as an array of numbers for this input.
• N: the number of traces to collect before performing the attack. Defaults to $2^12$

Returns

The recovered AES key

Example

julia> test_key = hex2bytes("00112233445566778899aabbccddeeff");
julia> sample_function(x) = DPA.sample_AES_power_trace(test_key, x);
julia> recovered_key = DPA.DPA_AES_analyze(sample_function);
[...]
julia> print(recovered_key)
UInt8[0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff]

function select(plaintext, key_guess, key_guess_index)::Bool

Decides in which partition a trace with input plaintext should fall when the key_guess_index-th key byte is set to key_guess.

Arguments

• plaintext: The text that was the input for the recorded power trace.
• key_guess_index: The targeted AES key byte.
• key_guess: The current guess for the targeted key byte.

Returns

True if the trace belongs to the first partition. False if the trace should belong to the second partition.