# Crack the Insulin Pump
The provided data client will connect you to a insulin pump that accepts 4-digit PINs to allow debug access to the device. The pump takes the 4-digit PIN, compares it to the correct PIN using the `strcmp` (string compare) function, and returns the result (correct/incorrect). You also will be returned a trace showing the power consumption of the pump while it is performing the comparison.

**Do the power traces reveal something about the PIN?**

## Step 1: Prologue
Just run this next cell once (click the cell and press the play button on the top bar or hit shift-enter) to import the interface to the pump and create an instance of it.

In [3]:
from lab import Pump
pump = Pump()

## Step 2: Try PINs
Now that we have a pump, we can start guessing PINs! Your first guess may take a bit to generate.

The `enter` method will attempt to unlock the pump with the given PIN, collect the power trace, and plot it.

**NOTE: The `%maplotlib widgit` line is needed in every cell for an interactive plot**

In [4]:
%matplotlib widget
pump.enter('0000')

ModuleNotFoundError: No module named 'ipympl'

Running `enter` multiple times in one block will attempt to enter debug mode on the pump multiple times and will plot the different power traces onto the same plot.

By running the next cell, we can see that the device running this comparison operation results in a structured trace, where (presumably) different operations result in different amounts of power draw. We will be able to use this structure to infer the correctness of our key guesses by comparing traces of different PINs.


**NOTE: Even though we enter the same PIN, there is still variability in the trace. This is expected in a real system, so trying PINs multiple times can help tell you which features are normal and which are random**

In [None]:
%matplotlib widget
pump.enter('0000')
pump.enter('0000')
pump.enter('0000')

By default, `enter` returns the entire, unmodified trace. You can use the buttons on the left of the plot to interract with the trace and zoom into areas of interest.

We can smooth out the trace with the second argument `smooth`. Higher values cause more smoothing and value of 1 does nothing to the trace.

In [None]:
%matplotlib widget
pump.enter('0000', 1) # no smoothing; raw trace
pump.enter('0000', 50)
# ^ is equivalent to
# pump.enter('0000', smooth=50)
pump.enter('0000', 100)

Additionally, once we eventually identify a time section of interest, we can crop to that section with the third argument `crop`.

In [None]:
%matplotlib widget
pump.enter('0000', crop=None) # no crop; full trace
pump.enter('0000', crop=(100, 200))
# ^ is equivalent to
# pump.enter('0000', 1, (100, 200))
pump.enter('0000', crop=(800, 1000))


---
## Your Turn!
Now, using these steps, see if you can crack the PIN!

**Brute-forcing is not allowed, will not actually work (due to technical mitigations on the Pump), and may result in banning of your source IP for this challenge.**  If you’re attempting hundreds of PIN attempts then you’re doing it wrong and need to re-think your approach. 

Feel free to add more Python code cells to work with using the `+` button in the upper left. **Remember to start every cell that needs a plot with  `%matplotlib widget`**

In [None]:
%matplotlib widget

pump.enter('0000', crop=(800, 1000))
pump.enter('9000', crop=(800, 1000))
pump.enter('6000', crop=(800, 1000))
pump.enter('6900', crop=(800, 1000))
pump.enter('6200', crop=(800, 1000))
pump.enter('6290', crop=(800, 1000))
pump.enter('6280', crop=(800, 1000))
pump.enter('6289', crop=(800, 1000))
pump.enter('6281', crop=(800, 1000))

---
## Need a hint?
Run each cell below to reveal another hint

**NOTE:** Some details of the clues only apply to the basic difficulty challenge.

## Hint 1

In [None]:
%load hints/hint1.py

## Hint 2

In [None]:
%load hints/hint2.py

## Hint 3

In [None]:
%load hints/hint3.py

## Hint 4:

In [None]:
%load hints/hint4.py

## Hint 5

In [None]:
%load hints/hint5.py

## Hint 6

In [None]:
%load hints/hint6.py

## Hint 7

In [None]:
%load hints/hint7.py

 
 

(c) The MITRE Corporation 2023. All rights reserved.