Course registration opens soon!
This course is designed to start you on your journey in power analysis, but this self-contained course doesn't stop with just the theory. Recover passwords and break symmetric encryption on the ChipWhisperer targets, and then learn what is needed to apply this to new devices.
Learn the theory behind power analysis, and validate it with hands-on labs.
Recover an encryption key from real AES-128 implementations running in firmware.
Learn about tools and equipment for performing attacks on real devices, including triggering and measurement.
Welcome to SCA101 - The Alpha Build
Welcome to SCA101
Environment Setup
Introducing to Hardware Hacking
FREE PREVIEWChipWhisperer Origins and Setup
FREE PREVIEWChipWhisperer Hardware Versions
FREE PREVIEWJupyter & Python Introduction
FREE PREVIEWQUIZ: Jupyter/Python Prerequisites
FREE PREVIEWChipWhisperer to Jupyter & Target Firmware
FREE PREVIEWQUIZ: Communicating with Target Firmware
Linking Power to Program Flow
QUIZ: Linking Power to Program Flow
LAB: Instruction Power Differences (SIMULATED)
LAB: Instruction Power Differences (HARDWARE)
QUIZ: Instruction Power Differences
LAB: Power Analysis for Password Bypass
QUIZ: Power Analysis for Password Bypass
Measuring Power In-Circuit Invasively (Basics)
Measuring Power In-Circuit Invasively (Tools & Advanced Techniques)
QUIZ: Measuring Power In-Circuit Invasively
What Power Tells us about Internal Data Bus States
FREE PREVIEWLAB: Large Hamming Weight Swings
QUIZ: Large Hamming Weight Swings
Differential Power Analysis (DPA) on AES Part 1
LAB: Recovering Data from a Single Bit
QUIZ: Recovering Data from a Single Bit
Differential Power Analysis (DPA) on AES Part 2
LAB: DPA on Firmware Implementation of AES
QUIZ: DPA on Firmware Implementation of AES
Internal Data Bus State and Power Correlation
LAB: Power and Hamming Weight Relationship
QUIZ: Power and Hamming Weight Relationship
Correlating Power Measurements with Key Guesses (CPA Attack)
LAB Intro: CPA on Firmware Implementation
Quiz: CPA on Firmware Implementation of AES
LAB Intro: ChipWhisperer Analyzer CPA Attack
QUIZ: CPA Attack with Analyzer
Requirements for CPA Attacks in Real Life
ChipWhisperer-Analyzer Attack Result Types
LAB: A Streamlined CPA Attack (CPA Analyzer)
Measuring Power In-Circuit (Non-Invasive)
QUIZ: Measuring Power In-Circuit (Non-Invasive)
DEMO: NewAE H-Field Probe on UFO Board
FREE PREVIEWTriggering Encryption Operations
QUIZ: Triggering Encryption Operations
Triggering Power Analysis
DEMO: Analog (SAD) Trigger with ChipWhisperer-Pro
QUIZ: Triggering Power Analysis
LAB: Jittery Triggering on UART
QUIZ: Jittery Triggering on UART
DEMO: Instrumenting a Development Board
Next Steps in your Power Analysis Journey
This course does not require hardware to complete the majority of labs.
The student experience is significantly improved with any of the "hardware" options, as it allows them to change and recompile the firmware. Note that the fault injection courses have different hardware requirements (Group B at minimum) if you are registering for all courses.
Simulation includes ANY of:
Hardware Group A:
Hardware Group B includes ANY of:
| Lab Name | Course | Simulator | Group A Hardware | Group B Hardware |
|---|---|---|---|---|
| Instruction Power Differences | PA101 | ✅ |
✅ |
✅ |
| Power Analysis for Password Bypass | PA101 | ✅ |
✅ |
✅ |
| Large Hamming Weight Swings | PA101 | ✅ |
✅ |
✅ |
| Recovering Data from a Single Bit | PA101 | ✅ |
✅ |
✅ |
| DPA on Firmware Implementation of AES | PA101 | ✅ |
✅ |
✅ |
| CPA attack against a simple AES-128 Implementation | PA101 | ✅ |
✅ |
✅ |
| Manual CPA Attack | PA101 | ✅ |
✅ |
✅ |
| Jittery Triggering on UART | PA101 | ❌ |
❌ |
✅ |