# Trace collection

In [1]:
import time
import holoviews as hv
import numpy as np
from hashlib import sha1
from tqdm.notebook import tqdm
from pyecsca.sca.trace_set import PickleTraceSet
from pyecsca.sca.trace import Trace
from pyecsca.sca.trace.plot import plot_trace, plot_traces
from pyecsca.ec.params import get_params

from client import DeviceTarget
from utils import xorshift32

import warnings
warnings.filterwarnings('ignore')
warnings.simplefilter('ignore')
hv.extension("bokeh")

curve = get_params("nist", "P-192", "projective")

Setup the target, runs at frequency of 15MHz. This is also set in the code via the `F_CPU` define in `hal/Makefile.hal`, so changing it here will mess things up.

In [2]:
target = DeviceTarget()

target.timeout = 2000
base_freq = 15000000
#target.scope.io.clkout = base_freq
#target.scope.adc.clk_freq = base_freq

#target.scope.io.clkout = base_freq
#target.scope.adc.clk_freq = base_freq

target.scope.clock.clkgen_freq = base_freq

target.scope.adc.samples = 2000

scope.gain.mode                          changed from low                       to high                     
scope.gain.gain                          changed from 0                         to 30                       
scope.gain.db                            changed from 5.5                       to 24.8359375               
scope.adc.basic_mode                     changed from low                       to rising_edge              
scope.adc.samples                        changed from 24400                     to 5000                     
scope.adc.trig_count                     changed from 1406665                   to 23264309                 
scope.clock.adc_src                      changed from clkgen_x1                 to clkgen_x4                
scope.clock.adc_freq                     changed from 0                         to 29538459                 
scope.clock.adc_rate                     changed from 0.0                       to 29538459.0               
scope.clock.clkgen_

Flash the target with the firmware, takes about 50 seconds.
Only needed if the code changed.
You need to run `make` first.

Note that after this, the board will start the code and a green LED will shine.
If you run `target.halt()` or disconnect the board for some reason, you will
need to call `target.reset()` to restart it.

In [3]:
target.flash("../micro-ecc-CWLITEARM.hex")

Detected known STMF32: STM32F302xB(C)/303xB(C)
Extended erase (0x44), this can take ten seconds or more
Attempting to program 15959 bytes at 0x8000000
STM32F Programming flash...
STM32F Reading flash...
Verified flash OK, 15959 bytes


True

Connect to the target.

In [4]:
target.connect()

Initialize the PRNG on the target.

In [5]:
seed = bytes.fromhex("cafebabe")
target.init_prng(seed)

Generate a keypair on the target.

Note the red LED flashes when the operation is being performed.

In [6]:
target.generate_keypair()

Export the public key.

In [7]:
pubkey = target.export()
print(pubkey)

(5444525316569106633703749239948110244446025656665287477356, 2605552187182590653399721957637309562385306262497831603122)


Pick and hash a message.

In [8]:
msg = b"This is the message"
hash = sha1(msg).digest()

Collect the traces, storing the signatures and duration for each trace. Since we know the PRNG, we can compute the
nonce the implementation is using and store it as well.

In [10]:
traces = []
target.init_prng(bytes.fromhex("deadbeef"))
x = xorshift32(0xdeadbeef)

for i in tqdm(range(10)):
    # Arm and start the timer
    target.scope.arm()
    start = time.perf_counter()
    
    # Do the signature
    signature = target.sign(hash)
    
    # Stop the timer
    end = time.perf_counter()
    duration = end - start
    
    # Collect the trace
    target.scope.capture()
    
    # Use the known PRNG state to compute the used nonce (cheating)
    nonce = int.from_bytes(x.next_bytes(24), byteorder="little") % curve.order
    
    # Store everything in metadata
    meta = {
        "signature": signature,
        "duration": duration,
        "nonce": nonce,
        "blen": nonce.bit_length()
    }
    trace = Trace(samples=target.scope.get_last_trace(), meta=meta)
    traces.append(trace)
trace_set = PickleTraceSet(*traces, pubkey=pubkey, hash=hash, msg=msg)

  0%|          | 0/10 [00:00<?, ?it/s]

Stop the target and disconnect from it. If you want to connect to it again you need to run `target.reset()` and `target.connect()`.

In [12]:
target.halt()
target.disconnect()

Plot a couple of traces.

In [13]:
plot_traces(*traces[:2]).opts(width=2950, height=600)

Save the trace set.

In [14]:
trace_set.write("traces_new_3.pickle")

Verify some signatures.

In [15]:
from utils import verify_signature

In [16]:
for trace in trace_set[:10]:
    print(verify_signature(trace_set.pubkey, trace.meta["signature"], hash))

True
True
True
True
True
True
True
True
True
True
