B3-I tutorial SAD based solution

[x8-999-github]

While following the B3-I tutorial I found it quite hard to find the correct values. I tried different approaches that involved some kind of signal processing like find peaks but it all did not really work out for me. I ended up using a poor mans' SAD filter on the wave of interest. Using this the tutorial worked without much tweaking. Following the current tutorial has some merits for understanding the trace format but perhaps using a SAD filter is less effort in the end.

Here is my implementation

# GUI compatibility
try:
    scope = self.scope
    target = self.target
    aux_list = self.aux_list
    api = self.api
except NameError:
    pass
import numpy as np

from chipwhisperer.capture.auxiliary.ResetCW1173Read import ResetCW1173
Resetter = ResetCW1173(xmega=True, delay_ms=1200)
aux_list.register(Resetter.resetThenDelay, "before_trace")

#scope setup
scope.gain.gain = 45
scope.adc.samples = 2000
scope.adc.offset = 0
scope.adc.basic_mode = "rising_edge"
scope.clock.clkgen_freq = 7.37e6
scope.clock.adc_src = "clkgen_x4"
scope.trigger.triggers = "tio4"
scope.io.tio1 = "serial_rx"
scope.io.tio2 = "serial_tx"
scope.io.hs2 = "clkgen"

#target setup
target.key_cmd = ''
target.input_cmd = ''
target.go_cmd = 'j\n'

# does not work using "old style"
# target.protver = '1.0'
api.setParameter(['Simple Serial', 'Protocol Version', 'Version', '1.1'])

import chipwhisperer as cw
# Test one capture
cw.captureN(self.scope, self.target, None, self.aux_list, self.ktp, 1)
trace = scope.getLastTrace()

# "Interesting part" we hope to ... recognize
interesting = np.abs(trace[145:155])
interesting_len = len(interesting)

# Crack the first letter
password = ''
#while developing
#trylist = 'ahxp30d'
trylist = 'abcdefghijklmnopqrstuvwxyz0123456789'

current_max = 150

for i in range(5):
    for c in trylist:
        # Get a power trace using our next attempt
        nextPass = password + '{}'.format(c) + "\n"
        target.go_cmd = nextPass
        cw.captureN(self.scope, self.target, None, self.aux_list, self.ktp, 1)

        # Grab the trace
        nextTrace = scope.getLastTrace()

        best_match =0
        best_sum = 0
        # find "best match"
        for x in range(0,500):
            my_sum = np.sum(np.abs(np.abs(nextTrace[x:x+ interesting_len]) - interesting))
            if my_sum < best_sum or best_match ==0:
                best_match = x
                best_sum = my_sum

        runLength = best_match
        print("password char number %d char %c: processing time %d"  % (i,c,runLength))
        if current_max < runLength :
            current_max = runLength + 5
            password += c
            print("Password: %s" % password)
            break

print("Final password: %s" % password)

[FranzHeubach]

If by the best values you mean the peaks that leak the timing information, I find the best way to get used to a target is to try passwords with a incremented number of correct characters. Do this while you have persistence on the graph enabled, which allows you to visually identify the timing pattern the significant peaks.

This is not really real life as you would not normally know the password or implementation on a device. There you could try all letters for the first character and see if a portion of the trace changes significantly (a peak moving or appearing). It should only appear for one of the characters tried (the correct one).

I just described the process of arriving to the "interesting" variable you declared. SAD usually works pretty well for identifying the peak and if you can implement it mostly with numpy functions keeping a lot of the calculations in C that should speed up the calculations. I hope this helps!