Preorder for June 1st Release

Check out the detailed curriculum below to see all the content included when the course launches. And if you're interested in getting our complete collection of upcoming videos, be sure to see the launch special giving you this & all new courses we launch.

Learning Highlights

This course is designed to start you on your journey in power analysis, but this self-contained course doesn't stop with just the theory. Recover passwords and break symmetric encryption on the ChipWhisperer targets, and then learn what is needed to apply this to new devices.

  • Learn the theory behind power analysis, and validate it with hands-on labs.

  • Recover an encryption key from real AES-128 implementations running in firmware.

  • Learn about tools and equipment for performing attacks on real devices, including triggering and measurement.

Course curriculum

  • 1

    Welcome to the course!

    • Environment Setup: ChipWhisperer Software

    • Environment Setup: Google Co-Lab

  • 2

    Part 1: Introduction to ChipWhisperer

    • ChipWhisperer Origins and Setup

    • ChipWhisperer Hardware Versions

    • ChipWhisperer Software & Your Own Oscilloscope

  • 3

    Part 2: Introduction to Power Analysis

    • Linking Power to Program Flow

    • LAB (CW): Instruction Power Differences

    • LAB (CW): Power Analysis for Password Bypass

    • Measuring Power In-Circuit Invasively (Basics)

    • Measuring Power In-Circuit Invasively (Tools & Advanced Techniques)

  • 4

    Part 3: Power Analysis to Leak Data

    • What Power Tells us about Internal Data Bus States

    • LAB [CW]: Large Hamming Weight Swings

    • LAB [COLAB]: Large Hamming Weight Swings

    • Differential Power Analysis (DPA) on AES Part 1

    • LAB [CW]: Recovering Data from a Single Bit

    • LAB [COLAB]: Recovering Data from a Single Bit

    • Differential Power Analysis (DPA) on AES Part 2

    • LAB [CW]: DPA on Firmware Implementation of AES

    • LAB [COLAB]: DPA on Firmware Implementation of AES

  • 5

    Part 4: Correlation Power Analysis and Leakage Models

    • Introducing Correlation Power Analysis (CPA)

    • LAB: A CPA attack against a simple AES-128 Implementation

    • Requirements for Applying CPA Attacks

  • 6

    Part 5: Manual Correlation Power Analysis Attack

    • Diving Deep: Implementing the Correlation Power Analysis Attack

    • Building a Power Analysis Model

    • Calculating Correlation

    • Ranking Key Guesses

    • Putting it Together: A Full Manual CPA Attack

  • 7

    Part 6: Connections & Conclusions

    • ChipWhisperer Connections

    • Measuring Power In-Circuit (Non-Invasive)

    • Triggering Encryption Operations

    • Triggering Power Analysis

    • Next Steps in your Power Analysis Journey

Hardware & Labs

This course does not require hardware to complete the majority of labs.

The student experience is improved with any of the "hardware" options, as it allows them to change and recompile the firmware. Note that the fault injection courses have different hardware requirements (Group B at minimum) if you are registering for all courses.

Simulation includes ANY of:

  • Running local VirtualBox VM.
  • Local ChipWhisperer install.
  • Online using Google account (Co-Lab).

Hardware Group A:

  • ChipWhisperer-Nano

Hardware Group B includes ANY of:

  • ChipWhisperer-Lite (XMEGA or ARM)
  • NAE-SCAPACK-L1
  • NAE-SCAPACK-L2 
  • ChipWhisperer-Pro


Lab Name | Course | Simulator | Group A Hardware | Group B Hardware
Instruction Power Differences | PA101 | | |
Power Analysis for Password Bypass | PA101 | | |
Large Hamming Weight Swings | PA101 | | |
Recovering Data from a Single Bit | PA101 | | |
DPA on Firmware Implementation of AES | PA101 | | |
CPA attack against a simple AES-128 Implementation | PA101 | | |
Manual CPA Attack | PA101 | | |
Jittery Triggering on UART | PA101 | | |