Home Explore Help
Sign In
msc
/
speck_cpa_cw
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6f50dcff9d
Branches Tags
speck_cpa_cw
/
.ipynb_checkpoints
/
Speck-Analysis-checkpoint.ipynb

Speck-Analysis-checkpoint.ipynb 123 KB
History Raw

Speck Analysis Notebook

The following block initializes the chipwhisperer, as always

import chipwhisperer as cw
import time
# Path to the Speck .hex file for reflashing
PATH="/home/juan/documents/master-aits/subjects/implementation_attacks_and_countermeasures/praktikum/speck_cpa_cw/cw_firmware/simple-speck-CWLITEARM.hex"
scope.dis()
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
/tmp/ipykernel_851327/1933793010.py in <module>
----> 1 scope.dis()

NameError: name 'scope' is not defined
def flash(scope, prog):
    cw.program_target(scope, prog, PATH)

def reset_target(scope):
    scope.io.nrst = 'low'
    time.sleep(0.05)
    scope.io.nrst = 'high_z'
    time.sleep(0.05)

try:
    if not scope.connectStatus:
        scope.con()
except NameError:
    scope = cw.scope()

try:
    target = cw.target(scope)
except IOError:
    print("INFO: Caught exception on reconnecting to target - attempting to reconnect to scope first.")
    print("INFO: This is a work-around when USB has died without Python knowing. Ignore errors above this line.")
    scope = cw.scope()
    target = cw.target(scope)

print("INFO: Found ChipWhisperer😍")

prog = cw.programmers.STM32FProgrammer
time.sleep(0.05)
scope.default_setup()
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
/tmp/ipykernel_851327/2459641658.py in <module>
     10 try:
---> 11     if not scope.connectStatus:
     12         scope.con()

NameError: name 'scope' is not defined

During handling of the above exception, another exception occurred:

NameError                                 Traceback (most recent call last)
/tmp/ipykernel_851327/2459641658.py in <module>
     12         scope.con()
     13 except NameError:
---> 14     scope = cw.scope()
     15 
     16 try:

NameError: name 'cw' is not defined

Reset the target if required:

reset_target(scope)

Reflash the target if required:

flash(scope, prog)
Detected known STMF32: STM32F302xB(C)/303xB(C)
Extended erase (0x44), this can take ten seconds or more
Attempting to program 5827 bytes at 0x8000000
STM32F Programming flash...
STM32F Reading flash...
Verified flash OK, 5827 bytes

Set an encryption key:

# 32 bytes of encryption key
encryption_key = b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"

if len(encryption_key) == 32:
    target.simpleserial_write("s", encryption_key)
    target.simpleserial_read("o", 32)

Get the encryption key:

target.simpleserial_write("k", b'\x00'*16)
print(target.simpleserial_read("o", 32))
CWbytearray(b'00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f')

Encrypt a 16-byte block:

pt = b"\x70\x6f\x6f\x6e\x65\x72\x2e\x20\x49\x6e\x20\x74\x68\x6f\x73\x65"
target.simpleserial_write("e", pt)
print(target.simpleserial_read("c", 16))
CWbytearray(b'43 8f 18 9c 8d b4 ee 4e 3e f5 c0 05 04 01 09 41')

Plot the power consumption of the encryption step:

def trace_encryption():
    global scope, target
    pt = b"\x70\x6f\x6f\x6e\x65\x72\x2e\x20\x49\x6e\x20\x74\x68\x6f\x73\x65"
    return cw.capture_trace(scope, target, pt, b"e")
reset_target(scope)
pt = trace_encryption()
---------------------------------------------------------------------------
OSError                                   Traceback (most recent call last)
/tmp/ipykernel_833812/1292385230.py in <module>
      1 reset_target(scope)
----> 2 pt = trace_encryption()

/tmp/ipykernel_833812/2495386390.py in trace_encryption()
      2     global scope, target
      3     pt = b"\x70\x6f\x6f\x6e\x65\x72\x2e\x20\x49\x6e\x20\x74\x68\x6f\x73\x65"
----> 4     return cw.capture_trace(scope, target, pt, b"e")

~/.local/lib/python3.9/site-packages/chipwhisperer/__init__.py in capture_trace(scope, target, plaintext, key, ack)
    331         target.set_key(key, ack=ack)
    332 
--> 333     scope.arm()
    334 
    335     if plaintext:

~/.local/lib/python3.9/site-packages/chipwhisperer/capture/scopes/OpenADC.py in arm(self)
    334         """
    335         if self.connectStatus is False:
--> 336             raise OSError("Scope is not connected. Connect it first...")
    337         # with DelayedKeyboardInterrupt():
    338         try:

OSError: Scope is not connected. Connect it first...
%matplotlib notebook
import matplotlib.pylab as plt

plt.figure()
plt.plot(pt.wave, "r")
plt.show()
scope.dis()