Performing fault injections to recover the encryption key in an AES $($Advanced Encryption Standard$)$ implementation. To achieve this, you need to carry out an attack based on your preference. All bash commands are to be executed in a Nix terminal.

Identifying the Fault Injection Parameters

this is the gitlab resource to be used next: https:$//$gitlab$.$inria.fr$/$simp$2/$physical$\_$attacks$\_$aes.git

Q$1)$ What does the script K$-$fault$-$calibration.py output?

The output of the script K$-$fault$-$calibration.py likely provides information about the result of fault injections. It may include success rates, failure rates, or other relevant metrics.

Q$2)$ What iteration and symbol should be chosen and why?

Choose the iteration and symbol based on the output of the calibration script. Look for points where fault injections are most effective. The iteration is the number of executions before the fault injection occurs, and the symbol is the function you want to explore.

Q$3)$ What injection address do you choose?

Select the injection address based on the calibration results. Look for locations where faults have a significant impact.

Measurements

Q$4)$ What theoretical attacks compatible with this fault model do you know? Specify the chosen attack for the rest of the lab.

Common theoretical attacks compatible with a fault model involving instruction jumps and dependent on Hamming weight include Differential Fault Analysis $($DFA$)$ and Correlation Power Analysis $($CPA$).$

To conduct a measurement campaign, run the script:

bash

python$3../$L$6-$DFA$/$L$-$DFA.py $[$target$][$address$][$number of executions$][$iteration$]$

This generates the files ciphertexts.npy and faulty$\_$ciphertexts.npy$.$

Q$5)$ Load the previously obtained files and compare them. Identify which bytes were affected. Are they consistent with the theoretical fault model of the chosen attack?

Analyze the generated files and observe which bytes were affected by the fault injections. Check if the observed faults align with the expected behavior according to the chosen attack model.

Confrontation $($Dependent on Chosen Attack$)$

Q$6)$ What is the target of your attack, precisely?

Specify the precise target of your attack, such as a specific round key, the master key, or another part of the cryptographic implementation.

Q$7)$ Describe the functioning of your attack and its implementation.

Explain how your chosen attack works and provide details about its implementation. This may involve manipulating faulted ciphertexts to gain information about the secret key.

Q$8)$ Conclude what the correct key hypothesis is$.$

Based on the results of your attack, make an educated guess about the correct key hypothesis.

Q$9)$ If only a part of the key has been obtained, repeat the operation to recover the complete key.

Q$10)$ Compare your results with the true key.

Q$11)$ Write a conclusion highlighting the strengths and weaknesses of this attack.

Summarize your findings, emphasizing the strengths and weaknesses of the performed attack. Discuss potential countermeasures to improve security against fault injection attacks.