Introduction to Differential Power Analysis (DPA)

Although not explicitly a prerequisite, this course builds on the fundamentals of Introduction to Power and Side-Channel Analysis. This course focuses on Differential Power Analysis (CPA) and Correlation Power Analysis (CPA), which are side-channel analysis techniques that are widely used to recover cryptographic keys and secrets of hardware targets. This course will cover all the necessary theory and participants will get an opportunity to apply the techniques against several real-world targets. Participants will learn how to get captures or traces of cryptographic operations from a Digital Storage Oscilloscope. Participants will then get to analyze the traces of the targets and learn what is needed to apply this to real-world devices. This course will cover all of the basics of power DPA, the AES encryption algorithm, hamming weights and their effect on current leakage and power consumption. Additionally, it will provide an introduction to many aspects of hardware and embedded security. The hardware necessary for this course can be reused for other side-channel analysis classes offered through Advanced Security Training and elsewhere.

Each day will feature roughly 2 hours of theory and 4-5 of a hands-on hardware CTF to be performed by participants.

Day 1

Day 1 focuses on how changes in internal bus states affect the power consumption of the system. These changes result in measurable differences that can be exploited to recover the cryptographic states of the encryption and subsequently the symmetric keys used for encryption and decryption.

Theory

• Known and Chosen Plain Text
• Cryptographic states
• Power Analysis and Data Leakage
• Internal Data Bus States
• Hamming Weights and Power Consumption
• Differential Power Analysis (DPA) against AES
• Q&A

Capture the Flag

• Recover encryption keys a Firmware Implementation of AES

Day 2

Day 2 will cover Correlation Power Analysis (CPA) as well as more advanced techniques for measuring cryptographic leakage. Day 2 will also cover several advanced triggering techniques as well as additional test and measurement equipment for performing side-channel analysis.

Theory

• Hardware implementations
• Correlation Power Analysis (CPA)
• Test and Measurement Equipment
• Triggers for Power Analysis
• Q&A

Capture the Flag

• Recover encryption keys from a Hardware Implementation of AES

Requirements

No hardware is required for taking this course. For this course, it may be required to install tools on your machine or run a VM. However, we can provide you with a remote virtualized environment. To request access, please contact our chat or email support 72 hours before the start of the class to ensure we can accommodate you with all the necessary requirements.