# Side-Channel Workshop
In this lab, we will walk through a simple power analysis (SPA) side-channel attack.

The provided data client will connect you to an embedded device that accepts 4-digit PINs, compares them to the correct PIN using the `strcmp` (string compare) function, and returns the result (correct/incorrect) and a power side-channel trace of the device performing the operation.

**Your goal: use the power traces to crack the 4-digit PIN**

## Step 1: Create Lock
First, we need to create the lock. You can create one of three locks, each with a different difficulty.

Just run this once (click the cell and press the play button on the top bar or hit shift-enter).

In [None]:
from lab import Door
import matplotlib.pyplot as plt
%matplotlib widget

# basic difficulty (large trigger signal, 4-digit numeric)
door = Door(path=Door.BASIC)

# medium difficulty (no trigger signal, 4-digit numeric)
# door = Door(path=Door.MED)

# advanced difficulty (no trigger signal, random 4-digit numeric)
# door = Door(path=Door.ADV)

## Step 2: Try PINs
Now that we have a lock, we can start guessing PINs! Your first guess may take a bit to generate.

The `unlock` method will attempt to unlock the door with the given PIN, collect the power trace, and plot it.

**NOTE: The `plt.figure()` line is needed in every cell to create a new plot**

In [None]:
plt.figure()
door.unlock('0000')

Running `unlock` multiple times in one block will attempt to unlock the lock multiple times and plot the different traces onto the same plot.

By running the next cell, we can see that the device running this comparison operation results in a structured trace, where (presumably) different operations result in different amounts of power draw. We will be able to use this structure to infer the correctness of our key guesses by comparing traces of different PINs.


**NOTE: Even though we enter the same PIN, there is still variability in the trace. This is expected in a real system, so trying PINs multiple times can help tell you which features are normal and which are random**

In [None]:
plt.figure()
door.unlock('0000')
door.unlock('0000')
door.unlock('0000')

By default, `unlock` returns the entire, unmodified trace. You can use the buttons on the left of the plot to interract with the trace and zoom into areas of interest.

We can smooth out the trace with the second argument `smooth`. Higher values cause more smoothing and value of 1 does nothing to the trace.

In [None]:
plt.figure()
door.unlock('0000', 1) # no smoothing; raw trace
door.unlock('0000', 50)
# ^ is equivalent to
# door.unlock('0000', smooth=50)
door.unlock('0000', 100)

Additionally, once we eventually identify a time section of interest, we can crop to that section with the third argument `crop`.

In [None]:
plt.figure()
door.unlock('0000', crop=None) # no crop; full trace
door.unlock('0000', crop=(100, 200))
# ^ is equivalent to
# door.unlock('0000', 1, (100, 200))
door.unlock('0000', crop=(800, 1000))


---
## Your Turn!
Now, using these steps, see if you can crack the password!

Please don't just brute-force all 10k possible combinations. That will both bog down the server for your fellow attackers and defeat the purpose of the exercise 😊 

Feel free to add more Python code cells to work with using the `+` button in the upper left. **Remember to start every cell that needs a plot with  `%matplotlib widget`**

In [None]:
plt.figure()

# your code here

---
## Finished?
If you've finished early or just want a challenge, try some of the following:

* Figure out the optimal strategy for guessing passwords (what is the minimum number of guesses to ensure cracking the PIN?)
* Try using the advanced data client. The timing-critical section will be harder to spot and the password is 4 bytes of binary input instead of 4 digits

---
## Need a hint?
Run each cell below to reveal another hint

**NOTE:** Some details of the clues only apply to the basic difficulty challenge.

## Hint 1

In [None]:
%load hints/hint1.py

## Hint 2

In [None]:
%load hints/hint2.py

## Hint 3

In [None]:
%load hints/hint3.py

## Hint 4:

In [None]:
%load hints/hint4.py

## Hint 5

In [None]:
%load hints/hint5.py

## Hint 6

In [None]:
%load hints/hint6.py

## Hint 7

In [None]:
%load hints/hint7.py