# Lascar Example with CW Traces

Capturing is the same as usual. We'll capture a rather large amount of trace (3000) to show off the speed of lascar:

In [None]:
SCOPETYPE = "OPENADC"
PLATFORM = "CWLITEARM"

In [None]:
%run "../Helper_Scripts/Setup.ipynb"

In [None]:

fw_path = "../../hardware/victims/firmware/simpleserial-aes/simpleserial-aes-cwlitearm.hex"

In [None]:
# program the target
cw.program_target(scope, prog, fw_path)

In [None]:
#Capture Traces
from tqdm import tnrange
import numpy as np
import time

ktp = cw.ktp.Basic(target=target)

traces = []
textin = []
keys = []
N = 3000  # Number of traces
project = cw.project("test.cwp")
for i in tnrange(N, desc='Capturing traces'):
    # run aux stuff that should come before trace here

    key, text = ktp.next()  # manual creation of a key, text pair can be substituted here
    textin.append(text)
    keys.append(key)
    
    trace, resp = cw.capture_trace(scope, target, text, key)

    traces.append(trace)

#Convert traces to numpy arrays
trace_array = np.asarray(traces)  # if you prefer to work with numpy array for number crunching
textin_array = np.asarray(textin)
known_keys = np.asarray(keys)  # for fixed key, these keys are all the same

In [None]:
import chipwhisperer as cw
import numpy as np

project = cw.openProject("../stm32f415_lab.cwp")

start_point = 1312
end_point = 1350

tm = project.traceManager()

trace_array = np.zeros( (tm.numTraces(), end_point - start_point))
textin_array = np.zeros( (tm.numTraces(), len(tm.getTextin(0))), dtype="uint8" )
textout_array = np.zeros( (tm.numTraces(), len(tm.getTextout(0))), dtype="uint8" )

print ("Copying %d traces of %d samples into memory" % (tm.numTraces(), tm.numPoints()))
for n in range(0, tm.numTraces()):
    trace_array[n] = tm.getTrace(n)[start_point:end_point]
    textin_array[n] = tm.getTextin(n)
    textout_array[n] = tm.getTextout(n)

## Running Lascar on Traces

The first thing we will do is select a leakage function. The following is a few examples - the first is the standard sboxHW function, the next two are common for hardware crypto.

In [None]:
from lascar import *
from lascar.tools.aes import sbox, inv_sbox

#The following leakage models copied from /chipwhisperer/analyzer/attacks/models/AES128_8bit.py and
# massaged into Lascar Version

def selection_function_sboxHW(byte):
    # selection_with_guess function must take 2 arguments: value and guess
    def selection_with_guess(value, guess):
        return hamming(sbox[value[byte] ^ guess])
    return selection_with_guess

def selection_function_sboxInOutHD(byte):
    # selection_with_guess function must take 2 arguments: value and guess
    def selection_with_guess(value, guess):
        return hamming(sbox[value[byte] ^ guess] ^ value[byte])
    return selection_with_guess

def selection_function_lastroundHD(byte):
    # selection_with_guess function must take 2 arguments: value and guess
    def selection_with_guess(value, guess):
        INVSHIFT_undo = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]
        st10 = value[INVSHIFT_undo[byte]]
        st9 = inv_sbox[value[byte] ^ guess]
        return hamming(st9 ^ st10)
    return selection_with_guess

Now, we need to make the engines. This requires us to select one of the above leakage functions and create a large array of them. Edit the following to change the leakage function you wish to use.

In [None]:
from chipwhisperer.analyzer.attacks.models.AES128_8bit import LastroundStateDiff
#Adjust this if needed - will ensure correct key/PGE highlighting is done!
highlight_key = LastroundStateDiff().processKnownKey(project.traceManager().getKnownKey(0))
#highlight_key = project.traceManager().getKnownKey(0)

#Adjust this for actual attack used!
guess_range = range(256)
cpa_engines = [CpaEngine("cpa_%02d" % i, selection_function_lastroundHD(i), guess_range) for i in range(16)]

In [None]:
#This is alist of cpa engines now. See for example:
#help(cpa_engines[0])

Finally run ONE of the following - the difference is the container either has the textin or textout. The correct setup depends on your leakage function assumptions.

In [None]:
#Leakage models using plaintext (such as SBox output) require textin
containter_textin =  TraceBatchContainer(trace_array, textin_array)
session = Session(containter_textin, engines=cpa_engines).run(batch_size=50)

In [None]:
#Leakage models using ciphertext (such as lastroundHD) require textout
containter_textout =  TraceBatchContainer(trace_array, textout_array)
session = Session(containter_textin, engines=cpa_engines).run(batch_size=50)

In [None]:
from IPython.display import clear_output
import numpy as np
import chipwhisperer as cw

from chipwhisperer.analyzer.attacks._stats import DataTypeDiffs

key = project.traceManager().getKnownKey(0)

class LascarCWAttacks(object):
    
    def __init__(self, cpa_engines, highlight_key=None):  
        dt = DataTypeDiffs()
        for i in range(len(cpa_engines)):
            results = cpa_engines[i].finalize()
            dt.updateSubkey(i, results)

        self.dt = dt
        self.hlk = highlight_key

    def display_pge(self):
        cb = cw.getJupyterCallback(self)
        cb()
        
    def getStatistics(self):
        """CW Interfae Function"""
        return self.dt
    
    def knownKey(self):
        """CW Interface Function"""
        if self.hlk is None: return [0]*16
        
        return self.hlk
    
    def getReportingInterval(self):
        """CW Interface Function"""
        return 0
    
results = LascarCWAttacks(cpa_engines, highlight_key)
results.display_pge()
    

## Unfinished Business

In [None]:
from bokeh.plotting import figure, show
from bokeh.io import output_notebook
output_notebook()
p = figure()
for i in range(16):
    results = cpa_engines[i].finalize()
    xrange = range(len(results[0x2B]))
    guess = abs(results).max(1).argmax()
    print("Best Guess is {:02X} (Corr = {})".format(guess, abs(results).max()))
    p.line(xrange, results[guess])
    
show(p)

In [None]:
print(results)

In [None]:
from bokeh.plotting import figure, show
from bokeh.io import output_notebook

output_notebook()
xrange = range(len(results[0x2B]))
print(xrange)
print(len(results))
p = figure()
#p.line(xrange, traces[5],line_color='red')
p.line(xrange, results[0x3C])
show(p)

In [None]:
print(mycontainer.values)

In [None]:
from lascar.output.parse_results import apply_parse
import pandas as pd
from IPython.display import clear_output
class JupyterOutputMethod(OutputMethod):
    def __init__(self, *engines):
        OutputMethod.__init__(self, engines)
        self.parsed_subkeys = 0
        self.results_list = [0] * 16
    
    def _update(self, engine, results):
        engine.output_parser_mode = "argmax"
        results_parsed = apply_parse(engine, abs(results))
        display(self.parsed_subkeys)
        if results_parsed is None:
            return
        idx = int(cpa_engine.name[-2:])
        self.results_list[idx] = results_parsed
        self.parsed_subkeys += 1
        if self.parsed_subkeys > 15:
            df = pd.DataFrame(self.results_list)
            fd = df.transpose()
            def formatter(stats):
                return str("{}".format(stats))
            #clear_output(wait=True)
            display(fd.head().style.format(formatter))
            self.parsed_subkeys = 0
        
    def _finalize(self):
        pass