/jlsca-tutorials

Tutorials and examples on how to use Jlsca, the high-performance side channel analysis toolkit written in Julia

Primary LanguageJupyter NotebookGNU General Public License v3.0GPL-3.0

Jlsca tutorials

Examples on how to use Jlsca, the side channel analysis toolkit written in Julia.

Prerequisites

It all works alike on Linux, Mac, and Windows.

Here is a docker image built on top of Orka with all the prerequisites (apart from some example tracesets).

Starting IJulia's Jupyter with threading

Jlsca's incremental correlation benefits from more threads. By default Julia only has 1 thread, but you can configure this by setting environment variable JULIA_NUM_THREADS. Start the notebook like this to give Julia 2 threads:

JULIA_NUM_THREADS=2 julia -e "using IJulia; notebook()"

Trace formats

Working with any tool starts with the data formats. Jlsca natively works with trs format, originally used by Riscure Inspector, and in addition handles other formats.

  • Daredevil (split binary) format. Jlsca natively supports it for both reading and writing, and includes a converter to/from trs. Whitebox example notebook below shows how to do conversion.
  • ChipWhisperer project format. Examples of how to convert data from CWP to trs are below in RHme2 notebooks. In case you would like to export a trs into CWP, here is the noteboook: trs2cwp.ipynb.

DPA on SW AES implementations

These are simple examples on how to do the SCA challenges of the RHme2 embedded CTF.

  • piece of SCAke - correlation power analysis attack on unprotected AES-128
  • still not SCAry - linear regression analysis attack on AES-128 with a misalignment countermeasure
  • SCAlate - correlation power analysis attack on AES-128 with a misalignment countermeasure

Tarballs with power traces available at https://drive.google.com/drive/folders/0B2slHLSL3nXaTFBWMUxHSkNmSTg, shasums included.

Here are the external writeups showing how to adapt examples above to do RHme3 SCA qualifier challange: [1], [2], [3]. Note that due to recent changes in Jlsca these writeups need minor adjustments to be runnable.

Second-order DPA

DPA on whitebox implementations

HPC (runnig on a computing cluster)

Jlsca can be run on a cluster of Linux machines.

DPA on HMAC-SHA

  • DPA on HMAC-SHA1 running on STM32F417 with hardware SHA accelerator. This is an advanced example. Traceset here.