Feature: Hardware design
Figure 4: AES bytewise AddRoundKey and non-linear lookup through the standard substitution box (S-BOX)
Figure 5: A programmable glitching stream derived from the system clock
for the first password letter and records power traces for each attempt. Te failing characters will have a common profile while the successful character will stand out with distinct profile, as shown in Figure 3. Repeat for the remaining letters and you have the password.
Differential power analysis More advanced forms of power analysis will allow us to make inferences about data values such as cryptography keys in addition to program flow. As data processing instructions are executed, the power consumption will vary depending on the value of the operands. In fact, we can assume that the power consumption is linear to the Hamming weight (number of logic 1s) in the operand. Tis leads us to our next attack or “differential power analysis (DPA)”. DPA can be used to attack a cypher algorithm such as the AES. First, we need to find a weak spot in the algorithm. Whilst AES is resistant to all known
forms of cryptoanalysis, it can succumb to a hardware attack. Te algorithm performs 16 rounds of encryption, where each round is made up of several discrete operations (SubBytes, ShiſtRows,
MixColumns, AddRoundKey). Te initial round zero is an AddKeyRound which is a bytewise XOR of the encryption key bytes with the input plaintext; see Figure 4. Te resulting value is used in
Round1 where the first operation performs a lookup into a table called a substitution box (S-BOX). Te S-BOX is mathematically defined to ensure maximal separation of encryption values, and is highly non-linear. While this makes AES a strong cypher, it actually helps us perform a power analysis since it causes bigger deviations between values. Importantly, the Round0 AddRoundKey operation uses the encryption key directly while subsequent rounds use a sub key derived from the encryption key via a key schedule. So, the first AddRoundKey and
SubBytes operation is our attack point. Whilst AES has a minimal 128-bit key (16 bytes), we can attack it byte by byte. First, we need to build a simulation of the AddRoundKey and S-BOX operation so that we can calculate the intermediate output values for known data and any possible candidate keys. As there are only 256 keys for each key byte, this is a feasible attack.
22 February 2026
www.electronicsworld.co.uk Next, we select an initial candidate key
(k) and a set of random data values (P[i]). We then apply each of the data values combined with the candidate key to the algorithm under test and record a set of power traces. Now we have two arrays, one for the data bytes (P[i]) passed into the algorithm and one of the matching power trace data Wi[t]. Te more traces we can record, the better our results will be.
To perform the attack, take the
candidate encryption key, then using the PC simulation calculate the intermediate output from the S-BOX for each value of the input data P[i]. Tis data can be used to sort the power traces, but we need to look at a bit in the intermediate output value of the simulation, usually the LSB. If the bit is logic 1, the power trace is added to a ‘ones’ array W_ONEi[t]; if it is zero, it is added to a ‘Zero’ array W_ZEROi[t]. Te final step is to calculate the means of both, the ones and zero arrays, and then calculate the difference of the means for all the stored power traces:
Δ(t) = mean(W_ZEROi[t]) − mean (W_ ONEi[t])
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48
