1.1 src
---Codes for the AES algorithm, the test bench, and the Trojan
2.Trojan
Trojan Description
After each 128'hFFFF_FFFF_FFFF_FFFF_FFFF_FFFF_FFFF_FFFF encryptions, the Trojan gets activated and leaks the secret
key from a cryptographic chip running the AES algorithm through a covert channel. The channel adapts the concepts
from spread spectrum communications (also known as Code-Division Multiple Access (CDMA)) to distribute the leakage
of single bits over many clock cycles. The Trojan employs this method by using a pseudo-random number generator (PRNG)
to create a CDMA code sequence, the PRNG initialized to a predefined value. The code sequence is then used to
XOR modulate the secret information bits. The modulated sequence is forwarded to a leakage circuit (LC) to set up
a covert CDMA channel in the power side-channel. The LC is realized by connecting eight identical flip-flop elements
to the single output of the XOR gate to mimic a large capacitance [1].
[1] L. Lin, M. Kasper, T. G黱eysu, C. Paar and W. Burleson, "Trojan Side-Channels: Lightweight Hardware Trojans
through Side-Channel Engineering," 11th International Workshop Cryptographic Hardware and Embedded Systems (CHES),
pp.382-395, 2009.
How to start the simulation
1. simulation.do
----------------
This file is a batch file for Modelsim to compile the HDL files, setup the wave file, and begin function simulation.
The working directory of Modelsim must be the same directory of the batch file.
2. test_aes_128.v
----------------------
This file is the main test bench.
It is self-checked. It feeds input data to the core and compare the correct result with the output of the core.
If the output is wrong, the test bench will display an error message.
單片機源程序如下:
/*
* Copyright 2012, Homer Hsing <homer.hsing@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
`timescale 1ns / 1ps
module test_aes_128;
// Inputs
reg clk;
reg [127:0] state;
reg [127:0] key;
// Outputs
wire [127:0] out;
// Instantiate the Unit Under Test (UUT)
aes_128 uut (
.clk(clk),
.state(state),
.key(key),
.out(out)
);
initial begin
clk = 0;
state = 0;
key = 0;
#100;
/*
* TIMEGRP "key" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH;
* TIMEGRP "state" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH;
* TIMEGRP "out" OFFSET = OUT 2.2 ns BEFORE "clk" HIGH;
*/
@ (negedge clk);
# 2;
state = 128'h3243f6a8_885a308d_313198a2_e0370734;
key = 128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
#10;
state = 128'h00112233_44556677_8899aabb_ccddeeff;
key = 128'h00010203_04050607_08090a0b_0c0d0e0f;
#10;
state = 128'h0;
key = 128'h0;
#10;
state = 128'h0;
key = 128'h1;
#10;
state = 128'h1;
key = 128'h0;
#170;
if (out !== 128'h3925841d02dc09fbdc118597196a0b32)
begin $display("E"); $finish; end
#10;
if (out !== 128'h69_c4_e0_d8_6a_7b_04_30_d8_cd_b7_80_70_b4_c5_5a)
begin $display("E"); $finish; end
#10;
if (out !== 128'h66_e9_4b_d4_ef_8a_2c_3b_88_4c_fa_59_ca_34_2b_2e)
begin $display("E"); $finish; end
#10;
if (out !== 128'h05_45_aa_d5_6d_a2_a9_7c_36_63_d1_43_2a_3d_1c_84)
begin $display("E"); $finish; end
#10;
if (out !== 128'h58_e2_fc_ce_fa_7e_30_61_36_7f_1d_57_a4_e7_45_5a)
