This repository contains the firmware, gateware, and host software of the ESP CPA Board.
This board is aimed at exploring side-channel attacks against some Espressif chips. More details are available in this blog post.
The sdcc compiler is required to build the firmware of the FX2LP microcontroller.
To configure the FPGA, the yosys synthesis tool, and nextpnr place and route tool are also needed.
Python dependencies can be installed by running poetry install.
Finally, this project relies on a custom Rust library for computationally intensive tasks. A valid rustc compiler installation is expected. The library can be compiled with:
RUSTFLAGS='-C target-cpu=native' poetry run maturin develop -r
Note that the Rust library itself calls an OpenCL kernel. This means a valid runtime is expected. This can be verified by running the clinfo command.
The FX2LP microcontroller of the ESP CPA Board can be automatically claimed by the usbtest Linux kernel module.
It is advised to blacklist this module to avoid communication issues with the board. This can be achieved by creating a /etc/modprobe.d/nousbtest.conf file with the following content.
blacklist usbtest
The ESP CPA Board needs to be configured with the poetry run ctrl configure-board command.
This command flashes the firmware of the FX2LP microcontroller and configures the FPGA.
More options are available from the output of the poetry run ctrl --help command.
poetry run measure is used to capture power traces.
Example:
poetry run measure config/capture/esp32c3.py test.zarr
More options are available from the output of poetry run measure --help.
Correlation Power Analysis methods can be applied with the poetry run analyze tool. All subcommands are available from the output of poetry run analyze --help.
Results can be plotted thanks to the poetry run plot commands.
The poetry run key-tools utility is useful for computing various key-related values. This is beneficial when evaluating the XTS mode of encryption. See this for theoretical details.
zzattack assembled an ESP CPA Board and provided useful feedback regarding the software shared here. Several mistakes and inconsistencies have been addressed.