Approved_users, bureaucrat, administrator
1,956
edits
| As of August 2020 the site you are on (wiki.newae.com) is deprecated, and content is now at rtfm.newae.com. |
Changes
→Appendix B: Full Attack Script for older (< 3.1.x)
<p>[[File:fastdraw.png|image]]</p>
<p>You can also use the 'GUI Override' on the byte highlighting to change the highlighted byte.</p></li></ol>
== Appendix A: Full Attack Script for Current Release ==
<pre>
# Based on Ilya Kizhvatov's work, published as "Side Channel Analysis of AVR XMEGA Crypto Engine"
from chipwhisperer.common.api.CWCoreAPI import CWCoreAPI
from chipwhisperer.common.scripts.base import UserScriptBase
# Imports from Preprocessing
import chipwhisperer.analyzer.preprocessing as preprocessing
# Imports from Attack
from chipwhisperer.analyzer.attacks.cpa import CPA
from chipwhisperer.analyzer.attacks.cpa_algorithms.progressive import CPAProgressive
import chipwhisperer.analyzer.attacks.models.AES128_8bit
# Imports from utilList
from chipwhisperer.analyzer.attacks.models.AES128_8bit import getHW
class AESXMega(object):
numSubKeys = 16
@staticmethod
def leakage(pt, ct, guess, bnum, setting, state):
#In real life would recover this one at a time, in our case we know entire full key, so we cheat to make
#the iterations easier
knownkey = [0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c]
s1 = pt[bnum-1] ^ knownkey[bnum-1]
s2 = pt[bnum] ^ guess
#We subtract 8 as way measurements are taken a higher current results in a lower voltage. Normally this
#doesn't matter due to use of absolute values. In this attack we do not use absolute mode, so we simply
#"flip" the expected hamming weight, which results in the correlation changing signs.
return 8-getHW(s1 ^ s2)
class UserScript(UserScriptBase):
name = "Auto-generated"
description = "Auto-generated Attack Script"
def __init__(self, api):
UserScriptBase.__init__(self, api)
self.initProject()
self.initPreprocessing()
self.initAnalysis()
self.initReporting()
def initProject(self):
pass
def initPreprocessing(self):
self.traces = self.api.project().traceManager()
def initAnalysis(self):
self.attack = CPA()
self.attack.setTraceSource(self.traces, blockSignal=True)
self.attack.setAnalysisAlgorithm(CPAProgressive,AESXMega,None)
self.attack.setTraceStart(0)
self.attack.setTracesPerAttack(3000)
self.attack.setIterations(1)
self.attack.setReportingInterval(50)
self.attack.setTargetBytes([1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])
self.attack.setPointRange((0,995))
self.attack.setAbsoluteMode(False)
def initReporting(self):
# Configures the attack observers (usually a set of GUI widgets)
self.api.getResults("Attack Settings").setAnalysisSource(self.attack)
self.api.getResults("Correlation vs Traces in Attack").setAnalysisSource(self.attack)
self.api.getResults("Output vs Point Plot").setAnalysisSource(self.attack)
self.api.getResults("PGE vs Trace Plot").setAnalysisSource(self.attack)
self.api.getResults("Results Table").setAnalysisSource(self.attack)
self.api.getResults("Save to Files").setAnalysisSource(self.attack)
self.api.getResults("Trace Output Plot").setTraceSource(self.traces)
self.api.getResults("Trace Recorder").setTraceSource(self.traces)
def run(self):
self.attack.processTraces()
if __name__ == '__main__':
import chipwhisperer.analyzer.ui.CWAnalyzerGUI as cwa
from chipwhisperer.common.utils.parameter import Parameter
Parameter.usePyQtGraph = True # Comment if you don't need the GUI
api = CWCoreAPI() # Instantiate the API
app = cwa.makeApplication("Analyzer") # Comment if you don't need the GUI
gui = cwa.CWAnalyzerGUI(api) # Comment if you don't need the GUI
gui.show() # Comment if you don't need the GUI
api.runScriptClass(UserScript) # Run UserScript through the API
app.exec_() # Comment if you don't need the GUI
</pre>
== Appendix B: Full Attack Script for older (< 3.1.x) ==
Here is the full attack script for current older releases:
<pre># Based on Ilya Kizhvatov's work, published as "Side Channel Analysis of AVR XMEGA Crypto Engine"
