This class is a true blessing. Can't wait till we get to CPA.
@peterwagner97953 жыл бұрын
It would be very mouth appreciated if you can include all til links in the description.
@dustoncode11 ай бұрын
Sir, without thousands of different(just one byte) inputs,how can you get thousands of traces? Is that means you used same-one-byte input to generate more power traces? If you do so, what's the point?
@joaovernieri8409 Жыл бұрын
Nice class
@jerrywu751 Жыл бұрын
Just curious though, why not just make a prediction based on the XOR output? Isn't that also going to charge or discharge and therefore could show a difference?
@ColinOFlynn Жыл бұрын
Yup - you can do after XOR! The reason for after S-Box though is the S-Box is non-linear. This is nice because wrong guesses become "further away". So for example if attacking after XOR: 0x01 XOR 0xAF = 0xAE 0x02 XOR 0xAF = 0xAD 0x03 XOR 0xAF = 0xAC etc So notice that each guess (1, 2, 3) results in a prediction output that is closer. This means you often end up with a few guesses with higher correlation - the right one will still be the highest, but you might need more traces for this to be obvious. With XOR you will also get the inverse being the same high (but negative) correlation value, so you'll get two potential answers even then. But after the S-Box you don't have this same linear relationship, so only the correct guess tends to stand out (there is another problem called 'ghost peaks' where you can in fact get other peaks that are also high, but it seems to be much less frequent, but if you search 'ghost peaks cpa' you'll see some references to this).