First-Round and Last-Round Power Analysis Attack Against AES Devices

Abstract

Power analysis attacks are a known method of breaking cryptographic algorithms such as AES. The scenario is a first-round and last-round attack based on CPA and hamming distance, each of which provides candidates for 16 secret state key. This paper demonstrates a series of attacks on a secure AES microcontroller device, where the f rmware f les have been encrypted with AES128 EBC. A correlation power analysis (CPA) attack is performed on AES128 to recover the complete master key. The use of CPA attacks is carried out on the first-byte state at First- Round and Last-Round. The correlation coefficient for the entire state in AES in the first-round is 0.712 <<0.8455. Meanwhile, the coefficient value in the second test is 0.1724 <<0.2635. We can conclude the main vulnerability of the AES128 is in the power estimate value that is easy to guess after the SubBytes and INVSubbytes function in each round.