Archive · old wiki · last edited August 2012

Using the SASEBO-GII in Slightly More Advanced Ways

Archived from the site that ran here before WordPress, and reproduced as written — links and prices and "coming soon"s included. Nothing on this page is maintained.

Alright, so you’ve got a SASEBO-GII board. What now? Well there is a lot of great resources & getting started guides:

  1. http://www.morita-tech.co.jp/SASEBO/en/DPAcontest/index.html
  2. http://www.morita-tech.co.jp/SAKURA/en/hardware/SASEBO-GII.html
  3. http://www.risec.aist.go.jp/project/sasebo/download/sasebo_gii_materials.zip

Beyond those, this page has some additional notes you might find handy.

Programming the FPGA

You can program the FPGAs using the USB interface. It’s not that easy, but it is possible, as described on Using JTAG over USB.

You need to program two .mcs files into the SPI FLASH chips connected to both FPGAs. The files are: Virtex MCS File Spartan (control) MCS File These are both from link #1 at the beginning.

Software Repository

A number of useful software are provided for the sasebo. Unfortunately there is no project to save any improvements. To remedy that, I’ve forked that code and committed it publicly at https://www.assembla.com/spaces/sasebofork

Wherever I talk about modified SW versions, this is what I mean.

Modifying the Capture SW

You may need to modify the provided capture SW to work with your scope. I added support for another scope in the ‘waveform_acqusition’ folder. You can ignore the ‘15dot4-tools’ project, that was a test.

Modifying the CPA SW for Search Info

The example CPA attack is handy, but is missing a few features. I’ve modified it to add an ability to print how your search process is going.

You can call the modified cpa.exe with two new arguments:

cpa -i=100 -m=9B:A5:A3:14:40:32:37:C8:CD:06:13:AA:88:62:49:6A -r=10 directory

The -m argument tells CPA what the correct final-round key should be - that is what the correct key it should be getting is. The -r=10 tells it to print if we consider permutations of the possible keys, where it would fall.

The output looks something like this:

loop: 1100
    EB     89     A3     14     96     32     37     54     CD     D4     13     07     88     FE     49     5C
 .1186  .1127  .1697  .1369  .1151  .1780  .1590  .1120  .1600  .1122  .1474  .1075  .1432  .1223  .1761  .1242
    6E     75     5F     5B     19     CF     8A     3E     B1     AF     E1     AA     71     62     8D     9B
 .1162  .1120  .1249  .1093  .1130  .1325  .1372  .1116  .1221  .1088  .1271  .1069  .1252  .1147  .1332  .1161
    D8     47     43     65     2E     1B     B7     26     F7     31     21     94     9E     98     1B     14
 .1143  .1089  .1243  .1075  .1098  .1203  .1144  .1109  .1205  .1065  .1206  .1058  .1164  .1132  .1275  .1108
    F4     9E     AE     26     D9     DE     DC     EC     31     49     64     EA     AE     E3     ED     31
 .1127  .1089  .1207  .1063  .1087  .1143  .1124  .1094  .1176  .1062  .1169  .1052  .1138  .1123  .1230  .1080
    62     45     82     C6     40     0C     0A     C8     08     E3     43     FE     77     8B     03     D5
 .1097  .1084  .1082  .1062  .1086  .1110  .1090  .1085  .1106  .1014  .1142  .1047  .1110  .1123  .1195  .1063
     9      6      0      0      4      0      0      4      0    118      0      1      0      1      0    216
ats for loop 1100:
Bits wrong: 32 Bytes wrong: 8
Perfect byte matches found in top 10: 8 10 10 10 12 12 13 13 13 14
1-off byte matches found in top 10:   8 10 10 10 12 13 14 14 14 15

The number at the bottom of each column is where the correct subkey has been ranked. For example 0 means that subkey is correct, whereas 118 means the algorithm is very wrong for that specific subkey!

The perfect matches found in top 10: says how many subkeys (bytes) are matched within the top 1,2,3,etc spots. So 8 bytes have been correctly identified if we take the top ranked spots only. 10 bytes if we take the top 1 & 2nd ranks.

Modifying the CPA SW for Bayesian Probabilities

The CPA tool has also been modified to print Bayesian probabilities, instead of some correlation number. The decimcal number for each byte represents the probability the correct subkey is that specific number.

The total of the probabilities for each subkey (column) add up to 1.0, although only the top ten are printed.

Windowing

Don’t forget to use -e and -s options to ‘window’ the measurements. That is to select the most relevant part of the trace for performing the attack.

You do this through some experimentation.

Example Running of CPA

If you have the DPAContestv3 cryptographic AES loaded, you could make a batch file called docpa.bat:

cpa -i=100 -m=9B:A5:A3:14:40:32:37:C8:CD:06:13:AA:88:62:49:6A -r=10 %1

Then run that like:

docpa.bat wf_gii_2012_05_15_101504