ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

  • Colin O’FlynnEmail author
  • Zhizhang (David) Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8622)


This paper introduces a complete side channel analysis toolbox, inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement, and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations.


Side-channel analysis Acquisition Synchronization FPGA 



Thanks to Akashi Satoh for donation of the SAKURA-G used in this work, and Akashi Satoh and Pankaj Rohatgi for donation of the SASEBO-GII and SASEBO-W also used in this work. Thanks to COSADE 2014 reviewers for many insightful comments on initial revision of this papers.


  1. 1.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999) CrossRefGoogle Scholar
  2. 2.
    Satoh, A.: Side-channel Attack Standard Evaluation Board (SASEBO) (2011).
  3. 3.
    Oswald, E.: OpenSCA: a matlab-based open source framework for side-channel attacks (2009).
  4. 4.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Advances in information security. Springer, New York (2008)Google Scholar
  5. 5.
    Oswald, D., Kasper, T., Markhoff, S., Paar, C.: FPGA-based Implementation Attacks with GIAnT. In: 9th CrypArchi Workschop, Bochum, November 2011Google Scholar
  6. 6.
    Oswald, D.: Implementation attacks: from theory to practice. Ph.D. thesis, Ruhr University Bochum, September 2013Google Scholar
  7. 7.
    Kasper, T., Oswald, D., Paar, C.: A versatile framework for implementation attacks on cryptographic RFIDs and embedded devices. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science X. LNCS, vol. 6340, pp. 100–130. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  8. 8.
    Messerges, T.: Power analysis attacks and countermeasures for cryptographic algorithms. Ph.D. thesis, University of Illinois at Chicago (2000)Google Scholar
  9. 9.
    O’Flynn, C., Chen, Z.: A case study of side-channel analysis using decoupling capacitor power measurement with the OpenADC. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds.) FPS 2012. LNCS, vol. 7743, pp. 341–356. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  10. 10.
    O’Flynn, C., Chen, Z.D.: Synchronous Sampling and Clock Recovery of Internal Oscillators for Side Channel Analysis. Cryptology ePrint Archive, Report 2013/294.Google Scholar
  11. 11.
    Olivares, J., Hormigo, J., Villalba, J., Benavides, I.: Minimum sum of absolute differences implementation in a single FPGA device. In: Becker, J., Platzner, M., Vernalde, S. (eds.) FPL 2004. LNCS, vol. 3203, pp. 986–990. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  12. 12.
    Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Proceedings of the 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC ’11, pp. 105–114. IEEE Computer Society, Washington, DC (2011)Google Scholar
  13. 13.
    Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 390–406. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  14. 14.
    Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  15. 15.
    Brier, E., Clavier, C., Olivier, F.: Correlation Power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  16. 16.
    Chan, T.F., Golub, G.H., Leveque, R.J.: Algorithms for computing the sample variance: analysis and recommendations. Am. Stat. 37(3), 242–247 (1983)zbMATHMathSciNetGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.Dalhousie UniversityHalifaxCanada

Personalised recommendations