As a hardware security engineer at the Syst├¿mes et Architectures S├®curis├®s laboratory of Mines St-Etienne, I was able to develop SCABox, an opne-source test bench that evaluates the resilience of crypto-algorithms during side-channel attacks. The project is available on GitHub.
The bench provides FPGA power sensors that can be implemented on a remote fabric. It can perform attacks on the electronic board where it is located and communicate results to a client computer. It succeeded in breaking the encryption key used by the famous OpenSSL's AES algorithm.
I worked in collaboration with a research team that helped me to understand the side-channel attacks fundamentals and provided me with a proof of concept code.
I autonomously developed the test bench architecture, composed of the power sensor, a demo hardware AES to attack and interfacing with the CPU of the development board.
I also developed a low-level driver application that runs on the board and can both receive control attack triggering and transmit power leakage via serial link.
I developed the remote client application that was able to communicate with the driver and gather power leakages from the fabric to visualize these and break the encryption keys via statistical measurement.
I provided the solution with a documentation website featuring getting started guide and explanations on how the bench works.