Side-Channel Attacks on AES (CPA & DPA)
Practical implementation of Differential and Correlation Power Analysis on AES-128 hardware.
About
This project was conducted as part of the RI3A cybersecurity project. Using a ChipWhisperer acquisition platform and a Zest_Core_STM32L5A6 board, I captured hundreds of power traces during AES-128 encryption. I then implemented two powerful side-channel attacks: DPA (Differential Power Analysis) and CPA (Correlation Power Analysis). The objective was to understand and demonstrate how physical leakage during cryptographic operations can be exploited to recover secret keys. I built a full Python-based analysis flow, including hypothesis generation, leakage modeling, statistical separation, score computation, convergence study and confidence evaluation.
Key Features
Real Hardware Leakage
Power traces recorded on a Zest_Core_STM32L5A6 using the ChipWhisperer platform
Differential Power Analysis (DPA)
Statistical separation of traces based on leakage bits to extract key bytes
Correlation Power Analysis (CPA)
Pearson correlation applied to Hamming-weight models to recover AES-128 keys with fewer traces
Accuracy & Convergence Measurement
Confidence estimation and convergence curves showing how many traces are needed to extract a key byte
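The following script is an added illustration of the analysis flow listed above; it is not code from this project. It runs both attacks on constructed, simulated traces: each "trace" is a single sample leaking the Hamming weight of the first-round S-box output plus Gaussian noise, standing in for the ChipWhisperer captures. The key byte (0x2B), the noise level, the trace counts and the convergence step are assumptions. On real captures every trace has many samples, and the same scoring is applied at each sample point (the point with the strongest peak is then the leaking instant).

```python
"""Added example (not the project's code): DPA and CPA against the first-round
AES S-box output, evaluated on constructed traces so it runs offline."""
import random


def _rotl8(x, s):
    return ((x << s) | (x >> (8 - s))) & 0xFF


def build_sbox():
    """Generate the AES S-box (GF(2^8) inverse followed by the FIPS-197 affine
    map) instead of embedding the 256-entry table."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p <- p * 3
        q ^= q << 1                                              # q <- q / 3
        q ^= q << 2
        q ^= q << 4
        q &= 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = build_sbox()
HW = [bin(v).count("1") for v in range(256)]  # Hamming-weight leakage model


def simulate_traces(key_byte, n_traces, noise_sd=1.0, seed=7):
    """Constructed traces (assumption): one sample per encryption equal to
    HW(SBOX[p ^ k]) plus Gaussian noise. Returns (plaintext bytes, samples)."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(256) for _ in range(n_traces)]
    traces = [HW[SBOX[p ^ key_byte]] + rng.gauss(0.0, noise_sd) for p in plaintexts]
    return plaintexts, traces


def dpa_scores(plaintexts, traces, bit=0):
    """DPA: for each key guess, split the traces by one predicted S-box output
    bit and score the guess by the difference of the two group means."""
    scores = []
    for k in range(256):
        ones = [t for p, t in zip(plaintexts, traces) if (SBOX[p ^ k] >> bit) & 1]
        zeros = [t for p, t in zip(plaintexts, traces) if not (SBOX[p ^ k] >> bit) & 1]
        if not ones or not zeros:
            scores.append(0.0)
            continue
        scores.append(sum(ones) / len(ones) - sum(zeros) / len(zeros))
    return scores


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / (vx * vy) ** 0.5


def cpa_scores(plaintexts, traces):
    """CPA: Pearson correlation between the HW of the predicted S-box output
    and the measured samples, one score per key guess."""
    return [pearson([HW[SBOX[p ^ k]] for p in plaintexts], traces) for k in range(256)]


def rank_guesses(scores):
    """Best guess and a confidence figure |best| / |runner-up|
    (close to 1.0 means the guesses are not separated yet)."""
    ranked = sorted(range(256), key=lambda k: -abs(scores[k]))
    best, second = ranked[0], ranked[1]
    conf = abs(scores[best]) / abs(scores[second]) if scores[second] else float("inf")
    return best, conf


def convergence(plaintexts, traces, true_key, step=25):
    """Convergence study: re-run CPA on growing prefixes of the trace set.
    Returns the curve [(n, best guess, confidence), ...] and the smallest n
    after which the true key stays ranked first (None if it never does)."""
    curve, needed = [], None
    for n in range(step, len(traces) + 1, step):
        best, conf = rank_guesses(cpa_scores(plaintexts[:n], traces[:n]))
        curve.append((n, best, conf))
        if best != true_key:
            needed = None
        elif needed is None:
            needed = n
    return curve, needed


if __name__ == "__main__":
    KEY_BYTE = 0x2B  # constructed secret for the simulation
    pts, tr = simulate_traces(KEY_BYTE, 2000)
    print("CPA guess, confidence:", rank_guesses(cpa_scores(pts, tr)))
    print("DPA guess, confidence:", rank_guesses(dpa_scores(pts, tr)))
    curve, needed = convergence(pts[:500], tr[:500], KEY_BYTE, step=50)
    for n, best, conf in curve:
        print(f"{n:4d} traces -> guess 0x{best:02X}, confidence {conf:.2f}")
    print("true key stays on top from", needed, "traces")
```

The same scoring doubles as a leakage assessment for countermeasures: on a masked or hidden implementation the correct-key score should fall to the level of the wrong guesses, and the convergence curve should stop settling on one candidate.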