Examples on how to use Jlsca, the side channel analysis toolkit written in Julia.
- Julia (1.0 is tested on most examples), https://julialang.org
- IJulia, https://github.com/JuliaLang/IJulia.jl
- Jlsca package, https://github.com/Riscure/Jlsca
- PyCall and PyPlot packages, install in julia via Pkg.add()
It all works alike on Linux, Mac, and Windows.
Here is a docker image built on top of Orka with all the prerequisites (apart from some example tracesets).
Jlsca's incremental correlation benefits from more threads. By default Julia only has 1 thread, but you can configure this by setting environment variable JULIA_NUM_THREADS
. Start the notebook like this to give Julia 2 threads:
JULIA_NUM_THREADS=2 julia -e "using IJulia; notebook()"
Working with any tool starts with the data formats. Jlsca natively works with trs format, originally used by Riscure Inspector, and in addition handles other formats.
- Daredevil (split binary) format. Jlsca natively supports it for both reading and writing, and includes a converter to/from trs. Whitebox example notebook below shows how to do conversion.
- ChipWhisperer project format. Examples of how to convert data from CWP to trs are below in RHme2 notebooks. In case you would like to export a trs into CWP, here is the noteboook: trs2cwp.ipynb.
These are simple examples on how to do the SCA challenges of the RHme2 embedded CTF.
- piece of SCAke - correlation power analysis attack on unprotected AES-128
- still not SCAry - linear regression analysis attack on AES-128 with a misalignment countermeasure
- SCAlate - correlation power analysis attack on AES-128 with a misalignment countermeasure
Tarballs with power traces available at https://drive.google.com/drive/folders/0B2slHLSL3nXaTFBWMUxHSkNmSTg, shasums included.
Here are the external writeups showing how to adapt examples above to do RHme3 SCA qualifier challange: [1], [2], [3]. Note that due to recent changes in Jlsca these writeups need minor adjustments to be runnable.
- Second-order DPA on the ASCAD traceset. This example almost directly applies to the Rhme-2017 Random Random Everywhere challenge that features a masked AES implementation
Jlsca can be run on a cluster of Linux machines.
- HPC example tested on the Radboud University cluster
- DPA on HMAC-SHA1 running on STM32F417 with hardware SHA accelerator. This is an advanced example. Traceset here.