Project Power
You can find the challenge here
You can download the Jupyter notebook to solve it here
Hardware - Medium: We captured the embedded device that was used to encrypt the ciphers we need to break. Our field agent has set up a remote lab to facilitate remote exploitation of the device so that we can recover its Encryption Key.
To start with this, let's get a feel of what this program does.
We send a string to be encrypted and get back the device's power consumption while it encrypts. That immediately suggests a power analysis attack, so we can try CPA (Correlation Power Analysis) using the lascar Python library.
For an actual implementation, follow the Jupyter notebook above, but as a general outline we will:
Gather power traces using multiple plaintexts
Perform a Correlation Power Analysis attack on the gathered power traces
Send key back to server to get flag
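To make the outline concrete, here is an added, self-contained simulation of the CPA step. It is not from the challenge or the linked notebook and does not use lascar: it builds a constructed "device" whose traces leak the Hamming weight of each first-round AES S-box output (the usual leakage model for an unprotected software AES), then recovers every key byte by correlating the measured samples against the predicted leakage for each of the 256 guesses. The key, the noise level, the trace count and all function names are assumptions of the example; the S-box is generated from its definition rather than typed in.

```python
import random
from operator import mul

# --- AES S-box, generated from its definition (GF(2^8) inverse + affine map) ---

def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_aes_sbox():
    """Walk the multiplicative group with p *= 3 and q /= 3 so that p*q == 1,
    then apply the AES affine transform to q to obtain sbox[p]."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF
        q ^= (q << 1) & 0xFF
        q ^= (q << 2) & 0xFF
        q ^= (q << 4) & 0xFF
        if q & 0x80:
            q ^= 0x09
        affine = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4)
        sbox[p] = affine ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63  # zero has no inverse; only the affine constant remains
    return sbox

SBOX = build_aes_sbox()
HW = [bin(i).count("1") for i in range(256)]  # Hamming-weight lookup table

# --- Constructed target: an unprotected first AES round leaking HW(SBOX[pt ^ k]) ---

def simulate_traces(key, n_traces, rng, noise_sigma=1.0, extra_samples=2):
    """Return (plaintexts, traces). Sample i of each trace leaks key byte i's
    S-box output plus Gaussian noise; a few trailing samples are noise only, so
    the attack has to locate the leaking point itself. Stand-in for the remote lab."""
    plaintexts, traces = [], []
    for _ in range(n_traces):
        pt = [rng.randrange(256) for _ in range(16)]
        trace = [HW[SBOX[pt[i] ^ key[i]]] + rng.gauss(0, noise_sigma) for i in range(16)]
        trace += [rng.gauss(4, noise_sigma) for _ in range(extra_samples)]
        plaintexts.append(pt)
        traces.append(trace)
    return plaintexts, traces

# --- CPA: correlate each guess's predicted leakage with every sample point ---

def cpa_recover_key(plaintexts, traces, key_len=16):
    """For each key byte, choose the guess whose Hamming-weight hypothesis has
    the largest |Pearson correlation| with any sample column.
    Returns (recovered_key, per-byte peak correlation)."""
    n = len(traces)
    cols = []
    for s in range(len(traces[0])):
        col = [t[s] for t in traces]
        mean = sum(col) / n
        centred = [v - mean for v in col]
        cols.append((centred, sum(v * v for v in centred) ** 0.5))
    recovered, peaks = [], []
    for byte_idx in range(key_len):
        best_guess, best_corr = 0, -1.0
        for guess in range(256):
            hyp = [HW[SBOX[pt[byte_idx] ^ guess]] for pt in plaintexts]
            mean = sum(hyp) / n
            h = [v - mean for v in hyp]
            hnorm = sum(v * v for v in h) ** 0.5
            if hnorm == 0:
                continue
            corr = max(abs(sum(map(mul, h, c))) / (hnorm * cnorm)
                       for c, cnorm in cols if cnorm > 0)
            if corr > best_corr:
                best_guess, best_corr = guess, corr
        recovered.append(best_guess)
        peaks.append(best_corr)
    return recovered, peaks

def demo(seed=1234, n_traces=150):
    """Draw a random key, collect simulated traces, run CPA and return
    (true_key, recovered_key, per-byte peak correlations)."""
    rng = random.Random(seed)
    true_key = [rng.randrange(256) for _ in range(16)]
    pts, traces = simulate_traces(true_key, n_traces, rng)
    recovered, peaks = cpa_recover_key(pts, traces)
    return true_key, recovered, peaks

if __name__ == "__main__":
    true_key, recovered, peaks = demo()
    print("true key :", bytes(true_key).hex())
    print("recovered:", bytes(recovered).hex())
    print("weakest per-byte peak correlation: %.3f" % min(peaks))
```

Running `demo()` recovers all 16 bytes from 150 traces, with the correct guess standing out at a correlation well above the noise floor of the wrong guesses. The same computation is what an evaluator runs against a protected implementation: if masking or hiding countermeasures work, the peak correlation for every guess stays at the noise floor and no byte is distinguished.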
For fun, the graph of the power usage looks like this.