PB173 Domain specific development: side-channel analysis
Seminar 7: Progress on First Steps
Łukasz Chmielewski
chmiel@fi.muni.cz, Consultation: A406 Friday 9:00-11:00

USEFUL CONCEPT + EXAMPLE + EXERCISE

1: Guessing entropy / Key rank

1: Guessing entropy in the wild

2: Reverse engineering of JavaCard bytecode
• Goal: obtain code back from smart card
– JavaCard defines around 140 bytecode instructions
– The JVM fetches an instruction and executes it
(source code) m_ram1[0] = (byte) (m_ram1[0] % 1);
(bytecode) getfield_a_this 0; sconst_0; baload; sconst_1; srem; bastore;
(power trace)
Figure labels: compiler, oscilloscope

2: Conditional jumps
• may reveal sensitive info
• keys, internal branches, …
(source code) if (key == 0) m_ram1[0] = 1; else m_ram1[0] = 0;
(bytecode) sload_1; ifeq_w L2; L1: getfield_a_this 0; sconst_0; sconst_0; bastore; goto L3; L2: getfield_a_this 0; sconst_0; sconst_1; bastore; goto L3; L3: …
(power trace, k != 0)
(power trace, k == 0)
Figure labels: compiler, oscilloscope
Can you use a timing attack?

3: PIN Checking
simple_pin.c: find two problems

ORGANIZATIONAL

Organization
• Group 1: Alignment
– https://github.com/2lol555/pb173-side-channel/tree/main
– Progress: ?
• Group 2: Parallel computations with acquisition
– https://github.com/makuga01/pb173-sidechannels
– Progress: ?
Register in IS – thank you!

Group 1: Alignment
• Goals:
– Peak-Based Alignment
– Correlation-based Alignment
– Optional: elastic versions
• Look at:
– AES_fixed_rand_input_CAFEBABEDEADBEEF0001020304050607+SAVEEVEN(0,1000).trs
– AES_fixed_rand_input_CAFEBABEDEADBEEF0001020304050607+SAVEEVEN(0,1000)+MIS(100).trs
• First tasks:
– Try to align the traces mentioned above using peak-based alignment. Note that it might not work for …MIS… traces.
– See all the scripts uploaded so far
• Later task: Correlation-based Alignment
• Prepared: more traces for you – see IS ☺

Group 2: Parallel computations with acquisition
• Implement multithreaded Acquisition + Processing
• Measure Efficiency
• First Task: measure the efficiency of the acquisition
• Subsequent tasks: observe the impact of processing and try to add WindowResample in parallel to the acquisition
• Prepared for you: see
– https://github.com/ikizhvatov/efficient-columnwise-correlation and
– cpa_aes_evol.py (see IS)

Reminder: Colloquium
• To get the colloquium
– You must be present at seminars (2 absences OK)
– You must be active at seminars (+2 points given by me at the end)
– You must submit and get:
• 50%: 7 points in total (projects + presentation + activity = 14 points)

Remaining Seminars Plan
• 7: evaluation of progress on first steps: 1 point per person for work done until today, also based on the commits in Git
• 8: evaluation of finished first steps: 3 points per group (personalized per person based on the GitHub) + giving the next tasks
• 9: work in progress
• 10: 4 points per group (personalized per person based on the GitHub) + what would you say about showing more official progress presentations?
• 11/12: national holiday / online consultation
• 13: final 2 points for work + 2 points for presentations + 2 points for activity, grading.

WORK

Group 1: Alignment
Empty README! Please update so we can test your code.

Group 2: Parallel computations with acquisition
Empty README! Please update so we can test your code.

WORK IN GROUPS (60-70 MIN):
GRADING (JUST TO TRY, ONLY 1 POINT)
DISCUSSING NEXT STEPS AND WHETHER THE FIRST STEPS ARE DONE

Homework
• Finalize the first tasks for your project and start working on new goals.
• Everyone should commit and work on the repository.
• More grading for more points is coming.

Reading
• For interested people
• Side-Channel Analysis – blue book:
– http://dpabook.iaik.tugraz.at/
– The book is available at the uni.
– Look online
• The Hardware Hacking Handbook:
– https://nostarch.com/hardwarehacking
– I have an epub version.

Questions
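
The two Group 1 alignment goals (peak-based and correlation-based), as an added example that is not part of the original slides or of the course repositories. The traces are constructed in the code, and the function names, the window 60..120 and the maximum shift of 20 samples are assumptions; the spike case shows one way a peak search can lock onto the wrong sample while the correlation search still finds the true shift.

```python
# Added example (not course code): peak-based vs correlation-based alignment.
# All traces are constructed; function names and the window are assumptions.
import math

def make_trace(offset, glitch_at=None, n=200):
    """Constructed trace: a fixed 9-sample pattern at `offset` on a small ripple."""
    t = [0.1 * math.sin(i / 3.0) for i in range(n)]
    for k, v in enumerate([1, 3, 6, 3, 1, 0, 2, 4, 2]):
        t[offset + k] += v
    if glitch_at is not None:
        t[glitch_at] += 9.0          # spurious spike, larger than the real peak
    return t

def peak_shift(trace, ref, lo, hi):
    """Shift that moves the highest sample of trace[lo:hi] onto that of ref[lo:hi]."""
    def peak(t):
        return max(range(lo, hi), key=lambda i: t[i])
    return peak(ref) - peak(trace)

def pearson(a, b):
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va > 0 and vb > 0 else 0.0

def corr_shift(trace, ref, lo, hi, max_shift):
    """Shift in [-max_shift, max_shift] maximising correlation with ref[lo:hi]."""
    best, best_r = 0, -2.0
    for s in range(-max_shift, max_shift + 1):
        if lo - s < 0 or hi - s > len(trace):
            continue                 # shifted window would leave the trace
        r = pearson(ref[lo:hi], trace[lo - s:hi - s])
        if r > best_r:
            best, best_r = s, r
    return best

def apply_shift(trace, s):
    """aligned[i] = trace[i - s]; samples shifted in from outside are zero."""
    return [trace[i - s] if 0 <= i - s < len(trace) else 0.0
            for i in range(len(trace))]

REF = make_trace(80)                      # reference trace
CLEAN = make_trace(87)                    # same pattern, 7 samples late
GLITCHED = make_trace(87, glitch_at=100)  # 7 samples late plus a spike

if __name__ == "__main__":
    for name, t in (("clean", CLEAN), ("glitched", GLITCHED)):
        print(name, peak_shift(t, REF, 60, 120), corr_shift(t, REF, 60, 120, 20))
```
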