dpa try1

CreateRemoteThread · Jul 27, 2018 · 4670662 · 4670662
1 parent 0f91baa
commit 4670662
Showing 1 changed file with 37 additions and 10 deletions.
diff --git a/dpa.py b/dpa.py
@@ -4,8 +4,12 @@
 from numpy import *
 import sys
 import glob
+import matplotlib.pyplot as plt
 import binascii
 
+TRACE_OFFSET = 0
+TRACE_LENGTH = 2400
+
 sbox = [99,124,119,123,242,107,111,197,48,1,103,43,254,215,171,118,202,130,201,125,250,89,71,240,173,212,162,175,156,164,114,192,183,253,147,38,54,63,247,204,52,165,229,241,113,216,49,21,4,199,35,195,24,150,5,154,7,18,128,226,235,39,178,117,9,131,44,26,27,110,90,160,82,59,214,179,41,227,47,132,83,209,0,237,32,252,177,91,106,203,190,57,74,76,88,207,208,239,170,251,67,77,51,133,69,249,2,127,80,60,159,168,81,163,64,143,146,157,56,245,188,182,218,33,16,255,243,210,205,12,19,236,95,151,68,23,196,167,126,61,100,93,25,115,96,129,79,220,34,42,144,136,70,238,184,20,222,94,11,219,224,50,58,10,73,6,36,92,194,211,172,98,145,149,228,121,231,200,55,109,141,213,78,169,108,86,244,234,101,122,174,8,186,120,37,46,28,166,180,198,232,221,116,31,75,189,139,138,112,62,181,102,72,3,246,14,97,53,87,185,134,193,29,158,225,248,152,17,105,217,142,148,155,30,135,233,206,85,40,223,140,161,137,13,191,230,66,104,65,153,45,15,176,84,187,22]
 
 def getUsefulTraceLength(fn):
@@ -39,22 +43,45 @@ def loadTraces(fns):
   # print "Loaded %d data, %d plaintexts" % (data[:,0].size,plaintexts[:,0].size)
   return (data,plaintexts)
 
-TRACE_LENGTH = 2400
 
 def deriveKey(data,plaintexts):
+  recovered = zeros(16)
   for BYTE_POSN in range(0,16):
-    hypothesis = zeros(
-    group1 = zeros(TRACE_LENGTH)
-    group2 = zeros(TRACE_LENGTH)
-    for TRACE_NUM in range(0,data[0,:].size):
-      for KEY_GUESS in range(0,256):
+    print "Attempting recovery of byte %d..." % BYTE_POSN
+    plfh = zeros(256)
+    for KEY_GUESS in range(0,256):
+      numGroup1 = 0
+      numGroup2 = 0
+      group1 = zeros(TRACE_LENGTH)
+      group2 = zeros(TRACE_LENGTH)
+      diffProfile = zeros(TRACE_LENGTH)
+      for TRACE_NUM in range(0,data[0,:].size):
         hypothesis = sbox[plaintexts[BYTE_POSN,TRACE_NUM] ^ KEY_GUESS]
-
+        if bin(hypothesis).count("1") > 4:
+          group1[:] += data[:,TRACE_NUM]
+          numGroup1 += 1
+        else:
+          group2[:] += data[:,TRACE_NUM]
+          numGroup2 += 1
+      group1[:] /= numGroup1
+      group2[:] /= numGroup2
+      diffProfile = abs(group1[:] - group2[:])
+      plfh[KEY_GUESS] = max(diffProfile)
+    plt.plot(range(0,256),plfh)
+    recovered[BYTE_POSN] = argmax(plfh)
+  return recovered
 
 if __name__ == "__main__":
   fns = glob.glob("%s/*.csv" % sys.argv[1])
   print "Stage 2: Loading %d samples from %d traces" % (TRACE_LENGTH,len(fns))
-  data,plaintexts = loadTraces(TRACE_LENGTH,fns)
+  data,plaintexts = loadTraces(fns)
   print "Stage 3: Deriving key... wish me luck!"
-  r = deriveKey(data,plaintexts,TRACE_LENGTH)
-  print "Done: Recovered key %s" % r
+  r = deriveKey(data,plaintexts)
+  plt.title("AES Power Leakage v Hypothesis Overview")
+  plt.ylabel("Mean Power Leakage")
+  plt.ylabel("Hypothesis")
+  plt.show()
+  out = ""
+  for i in range(0,16):
+    out += "%02x " % int(r[i])
+  print "Done: %s" % out