A rapidly growing field in hardware security is side-channel analysis. Through side-channel attacks, adversaries can extract secret information from an embedded device by measuring physical observables from the system such as power usage and electromagnetic emanation. Worcester Polytechnic Institute's Vernam Lab conducts side-channel analysis research to analyze embedded systems and their vulnerability to such attacks. However, there is no centralized API or repository of information for the researchers to use to conduct these experiments.  Furthermore, there needs to be more consistency and organization regarding how Vernam lab stores experiment data. Therefore, we designed and implemented a side-channel analysis library in Python named SCAPEgoat. This library has three main modules. The custom file framework module implements an organized efficient interface for storing side-channel analysis data. The framework uses JSON to store metadata and organize the file's structure without sacrificing performance. A particular file can have one-to-many experiments with each experiment being able to have one-to-many datasets. This provides a hierarchical structure for storing experiment data similar to what is implemented in the HDF5 file format commonly used in side-channel analysis research. However, unlike HDF5, the framework uses JSON to hold metadata which is superior because it is human-readable, more flexible, and takes up a negligible amount of space. Furthermore, this metadata is queryable using regular expressions, a feature unavailable in contemporary SCA file storage methods like HDF5. The oscilloscope module implements fast custom capture procedures for ChipWhisperer devices. This saves researchers development time and greatly simplifies the process of configuring the ChipWhisperer device and using it to capture power traces. It is significantly easier to use than the standard ChipWhisperer API and aims to prevent researchers from having to write excess amounts of boilerplate code. There is support for a standard capture procedure that will execute a power trace capture for a specified number of traces. Users can supply a custom list of keys and plaintexts to provide for the encryption or a default key-text generation algorithm for AES. Furthermore, there is a dedicated capture procedure for collecting the fixed and random trace sets for the t-test metric. Finally, the metric solver module implements common side-channel analysis metrics in Python with built-in visualization options and fast performance. These metrics include signal-to-noise ratio, t-test, correlation, score and rank, success rate, and guessing entropy. These metrics also have integration with the custom file framework, allowing users to run metrics directly on stored data. The final result is a comprehensive library for side-channel analysis that can be used at WPI and beyond.

• This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.

Creator

• Marcantonio, Trey
• Karkache, Samuel

Subject

• Innovation
• Security
• Computing
• Project-Based Learning

Publisher

• Worcester Polytechnic Institute

Identifier

• 121400
• E-project-042324-144639

Palavra-chave

• Hardware Security
• Cryptograhpy
• Side-Channel Analysis
• Embedded
• Python
• Open-Source

Advisor

• Schaumont, Patrick R.
• Ganji, Fatemeh

Year

• 2024

UN Sustainable Development Goals

• 4 - Quality Education
• 9 - Industry, Innovation and Infrastructure

Date created

• 2024-04-23

Resource type

• Major Qualifying Project

Major

• Electrical & Computer Engineering

Source

• E-project-042324-144639

Rights statement

• In Copyright