def main(): tdb= traces_database( __TABLE__ ) brk= des_breaker() # Some variables fullkey= None subkeys= None stability= 0 iteration= 0 fd= open(__OUTPUT_FILE__(), "w") # Multiply outputs def out( s ): fd.write(s+"\n") print s out( "# Table: " + __TABLE__ ) out( "# Stability threshold: " + str(__STABILITY_THRESHOLD__) ) out( "# Iteration threshold: " + str(__ITERATION_THRESHOLD__) ) out( "#" ) out( "# Columns: Iteration Stability Subkey0 ... Subkey7" ) # Searching for the key #print 'searching for the key..' while fullkey == None: start_time = time.time() msg, crypt, trace= tdb.get_trace() brk.process(msg, trace) iteration+= 1 #text= str(iteration).rjust(4) + " " # When enough iterations, trying to guess subkeys #if iteration >= __ITERATION_THRESHOLD__: if iteration >= __ITERATION_THRESHOLD__ : # Computing new subkeys and stability mark loc_subkeys= brk.get_subkeys() if loc_subkeys == subkeys: stability+= 1 else: subkeys= loc_subkeys stability= 0 # Gathering some informations #text+= str(stability).rjust(3) #for sk in subkeys: #text+= " " + str(sk).rjust(2) # If subkeys have been stable for long enough, try to guess the full key if stability >= __STABILITY_THRESHOLD__ : print 'Done' fullkey= brk.get_key(msg, crypt) # Flushing output #out( text ) # End of Attack out( "# Key: " + str(fullkey) + "\n" ) fd.close()
def test(): sb= sbox_breaker( 0 ) tdb= traces_database(TABLE) for i in range(10): msg, crypt, trace= tdb.get_trace() sb.process(msg, trace) best_key= sb.get_key() print "processed trace:", i, "- best key is:", best_key
def test(): sb= sbox_breaker( 1 ) tdb= traces_database(__TABLE__) for i in range(10): msg, crypt, trace= tdb.get_trace() sb.process(msg, parse_binary(trace)) best_key= sb.get_keys()[0] print "processed trace:", i, "- best key is:", best_key
def test(): ke= key_estimator(0, 56) # 56 is the correct key for the sbox #0 tdb= traces_database.traces_database(TABLE) for i in range(10): msg, crypt, trace= tdb.get_trace() ke.process(msg, trace) print "processed trace:", i, "- mark is:", ke.get_mark() fd= open("output.csv", "w") for f in ke.get_differential(): fd.write(str(f)+"\n") fd.close()
def test(): sb= sbox_breaker( 6 ) tdb= traces_database(TABLE) for i in range(300): msg, crypt, trace= tdb.get_trace() print "processing trace: ",i sb.process(msg, trace[START:END]) if i>150 : best_key= sb.get_key() print "- best key is:", best_key key=sb.get_key() print "Got key ",best_key
def main(): tdb= traces_database( TABLE ) brk= des_breaker() # Some variables fullkey= None subkeys= None stability= 0 iteration= 0 fd= open(OUTPUT_FILE, "w") # Multiply outputs def out( s ): fd.write(s+"\n") print s out( "# Table: " + TABLE ) out( "# Stability threshold: " + str(STABILITY_THRESHOLD) ) out( "# Iteration threshold: " + str(ITERATION_THRESHOLD) ) out( "#" ) out( "# Columns: Iteration Stability Subkey0 ... Subkey7" ) # Searching for the key while fullkey == None: msg, crypt, trace= tdb.get_trace() trace = k4(10,trace) brk.process(msg, trace[START:END]) iteration+= 1 text= str(iteration).rjust(4) + " " # When enough iterations, trying to guess subkeys if iteration >= ITERATION_THRESHOLD: # Computing new subkeys and stability mark loc_subkeys= brk.get_subkeys() if loc_subkeys == subkeys: stability+= 1 else: subkeys= loc_subkeys stability= 0 # Gathering some informations text+= str(stability).rjust(3) for sk in subkeys: text+= " " + str(sk).rjust(2) # If subkeys have been stable for long enough, try to guess the full key if stability >= STABILITY_THRESHOLD: fullkey= brk.get_key(msg, crypt) # Flushing output out( text ) # End of Attack out( "# Key: " + str(fullkey) + "\n" ) fd.close()
def test(): ke= n_key_estimator( [(0, 56), (1, 11)] ) # 56 and 11 are the correct keys for sbox #0 and #1 tdb= traces_database.traces_database(TABLE) for i in range(10): msg, crypt, trace= tdb.get_trace() ke.process(msg, trace) print "Processed trace:", i, "- mark is:", ke.get_mark() fd= open("output.csv", "w") for f in ke.get_differential(): fd.write(str(f)+"\n") fd.close()
def main(): # Start timer start_time = time.time() # Preparing output directory OUTDIR= outdir() if not path.isdir( OUTDIR ): print "WARNING: Output directory "+OUTDIR+ " does not exist: creating it !!" mkdir(OUTDIR) # Checking consistency of <N> and <ORDER> if N>1 and ORDER != "randomized": print "ERROR: You choose multiple analyses (N="+str(N)+") but ORDER is different of \"randomized\" !!" sys.exit(1) for n in range(N): # Choose whether or not we are local or distant if DB_or_FS: tdb= traces_database(TABLE) else: tdb= traces_filesystem(DIRECTORY) # Some variables fullkey= None subkeys= None stability= 0 iteration= 0 # Build name and opening file log logfile= OUTDIR+"/output_#"+str(n)+".txt" fd= open( logfile, 'w' ) def out( s ): # Multiply outputs fd.write(s+"\n") fd.flush() print s out( "# Table: " + TABLE ) out( "# Stability threshold: " + str(STABILITY_THRESHOLD) ) out( "# Iteration threshold: " + str(ITERATION_THRESHOLD) ) out( "#" ) out( "# Columns: Iteration Stability Subkey0 ... Subkey7" ) # Create DES breaker object brk= des_breaker() # Searchs for the key while fullkey == None: msg, crypt, trace= tdb.get_trace() if not msg: # At the end of the database print "WARNING: All files used, key undisclosed !!" sys.exit(1) if msg != 'err': wave= dsp( trace ) brk.process(msg, wave) iteration+= 1 text= str(iteration).rjust(4) + " " # When enough iterations, trying to guess subkeys if iteration >= ITERATION_THRESHOLD: # Computing new subkeys and stability mark loc_subkeys= brk.get_subkeys() if loc_subkeys == subkeys: stability+= 1 else: subkeys= loc_subkeys stability= 0 # Gathering some informations text+= str(stability).rjust(3) for sbox in range(8): if sbox in SB_LST: text+= " " + str( subkeys[ SB_LST.index(sbox) ] ).rjust(2) else: text+= " ".rjust(2) # If subkeys have been stable for long enough, try to guess the full key if stability >= STABILITY_THRESHOLD: if len( SB_LST ) == 8: # Attack on all SBox fullkey= brk.get_key(msg, crypt) else: fullkey="All attacked subkeys disclosed" for sbox in SB_LST: if subkeys[sbox] != SK_R1[sbox]: fullkey=None # Flushing output out( text ) # End of Attack out( "# Key: " + str(fullkey) + "\n" ) print "# Execution time: ", time.time() - start_time fd.close() sys.exit(1)
def main(): # Checks consistency of <N> and <ORDER> if N>1 and ORDER != "randomized": print "ERROR: You choose multiple analyses (N="+str(N)+") but ORDER is different of \"randomized\" !!" sys.exit(1) # Prepares output directory OUTDIR= outdir() if not path.isdir( OUTDIR ): print "WARNING: Output directory "+OUTDIR+ " does not exist: creating it !!" mkdir(OUTDIR) # Runs <N> analyses for n in range(N): # Chooses whether or not we are local or distant if DB_or_FS: tdb= traces_database(TABLE) else: tdb= traces_filesystem(DIRECTORY) # Builds name and opens file log logfile= OUTDIR + '/' + str( id(tdb) ) + time.strftime("_%Y_%b_%d_%H:%M:%S") + "_key_info_#" + str(n) + ".txt" fd= open( logfile, 'w' ) def out( s ): # Multiple outputs fd.write(s+"\n") fd.flush() print s # Displays some informations out( "# Table: " + TABLE ) out( "# Stability threshold: " + str(STABILITY_THRESHOLD) ) out( "# Iteration threshold: " + str(ITERATION_THRESHOLD) ) out( "#" ) out( "# Columns: Iteration Stability Subkey0 ... Subkey7" ) # Searches for the key fullkey= None sk_lst= [] # List of disclosed key_sbox couples while fullkey == None: # Searches for one subkey iteration= 0 prev_subkeys= {} # Dictionnary to store subkeys of previous step stability= {} # Dictionnary to store stability and each undisclosed sboxes brk= des_breaker12( list(sk_lst) ) # Creates DES breaker object new_sb= False # No new subkey disclosed while not new_sb: msg, crypt, trace= tdb.get_trace() if not msg: # At the end of the database print "WARNING: All files used, key undisclosed !!" sys.exit(1) wave= dsp( trace ) # Passes trace to DSP brk.process(msg, wave) # Passes trace to DES breaker iteration+= 1 text= str(iteration).rjust(4) + " " # When enough iterations, tries to guess subkeys if iteration >= ITERATION_THRESHOLD: # Computes new subkeys cur_subkeys= brk.get_subkeys() # Returns (sbox, key) # Computes stability mark... for s,k in cur_subkeys: if s not in map( lambda sk: sk[0], sk_lst ): # ...for undisclosed subkeys if k == prev_subkeys.get( s, None ): stability[s]= ( k, stability.get( s, [0,0] )[1] + 1 ) # stability= { sbox:( key, stability ) } else: stability[s]= ( k, 0 ) prev_subkeys[s]= k # Gathers some informations max_stab= max( map( lambda k_s: k_s[1], stability.values() ) ) text+= str( max_stab ).rjust(3) for sbox in range(8): if sbox in SB_LST: text+= " " + str( cur_subkeys[ SB_LST.index(sbox) ][1] ).rjust(2) else: text+= " ".rjust(2) out( text ) # Checks if one subkey has been stable for long enough for sbox, key_stab in stability.items(): if key_stab[1] == STABILITY_THRESHOLD: new_sb= True sk_lst.append( [ sbox, key_stab[0] ] ) # Saves info on new disclosed subkey out( "SBox #" + str(sbox) + " disclosed (" + str( key_stab[0] ) + ") - MTD= " + str(iteration) ) # If all subkey disclosed, tries to guess the full key if len( sk_lst ) == 8: # Attack on all SBox full_sk= list (sk_lst ) # Hard copy of sk_lst full_sk.sort( reverse=False, key=itemgetter(0) ) # Sorts subkeys by increasing sbox full_subkeys= map( lambda s_k: s_k[1], full_sk) fullkey= brk.get_key(msg, crypt, full_subkeys ) elif len( sk_lst ) == len( SB_LST ): fullkey="All attacked sbox stable" # @note we do no longer check the full key as error may have occur later #for sbox in SB_LST: # if subkeys[sbox] != SK_R1[sbox]: # fullkey=None # Prepares next run tdb.rollback() # Rolls back database del brk # Outputs value of full key out( "# Key: " + str(fullkey) + "\n" ) # Prepares next analysis (if any) del tdb fd.close()
def process(self, msg, trace): """ Process the given trace for the given message. Updates the best key (instance member) """ # Computing differential traces and the best key at that point # (i.e. given the number of traces consumed from the database so far) for fv, nke in self.__n_key_estimators: nke.process( msg, trace ) self.__best_key= None def get_keys(self): "Return the keys sorted by best candidates" keys_marks= [] if self.__best_key == None: for fv, nke in self.__n_key_estimators: keys_marks.append( list( [fv, nke.get_mark()] ) ) keys_marks.sort( reverse=True, key=itemgetter(1) ) # Sort by sbox return map( lambda km: km[0], keys_marks ) if __name__ == "__main__": sb= n_sbox_breaker( [ [0,56], [1,None] ] ) # Here, subkey #0 is known, we look for subkey #1 tdb= traces_database(TABLE) for i in range(100): msg, crypt, trace= tdb.get_trace() sb.process(msg, trace) best_keys= sb.get_keys() print "Processed trace:", i, " - Best key is:", best_keys[0], " - True key is at position: ", best_keys.index( [ [0,56], [1,11] ] )
# Modules only for test from traces_database import traces_database def dsp( wave ): #Limiting number of samples trace= wave[BEGIN_T:END_T] # Pre-processing if DSP == "kurtosis": trace= k4( 100, trace ) elif DSP == "RMS": sum = 0. n = 0. for sample in trace: sum += sample ** 2 n += 1 trace= [ sqrt( sum / n ) ] # @note "trace" should remain a list for other classes return trace if __name__ == "__main__": tdb= traces_database(TABLE) # Open database msg, crypt, data= tdb.get_trace() # Reads one trace wave= dsp( data ) # Read one trace and apply pre-processing # @note Change "constant.py" to modify DSP fd= open("trace.csv",'w') for sample in wave: fd.write( str(sample)+'\n' ) fd.close()
def main(): tdb= traces_database( __TABLE__ ) brk= des_breaker() # Some variables fullkey= None subkeys= None stability= 0 iteration= 0 fd= open(__OUTPUT_FILE__(), "w") # Multiply outputs def out( s ): fd.write(s+"\n") print s out( "# Table: " + __TABLE__ ) out( "# Stability threshold: " + str(__STABILITY_THRESHOLD__) ) out( "# Iteration threshold: " + str(__ITERATION_THRESHOLD__) ) out( "#" ) out( "# Columns: Iteration Stability Subkey0 ... Subkey7" ) # Searching for the key out( "Recherche de 48 bits de cle par analyse du premier tour" ) while fullkey == None: msg, crypt, trace= tdb.get_trace() brk.process(msg, trace) iteration+= 1 text= str(iteration).rjust(4) + " " # When enough iterations, trying to guess subkeys if iteration >= __ITERATION_THRESHOLD__: # Computing new subkeys and stability mark loc_subkeys= brk.get_subkeys() if loc_subkeys == subkeys: stability+= 1 else: subkeys= loc_subkeys stability= 0 # Gathering some informations text+= str(stability).rjust(3) for sk in subkeys: text+= " " + str(sk).rjust(2) # If subkeys have been stable for long enough, try to guess the full key if stability >= __STABILITY_THRESHOLD__: # fullkey= brk.get_key(msg, crypt) break # Flushing output out( text ) second_round_begin= iteration subkeys2= None out( "Recherche des 8 derniers bits par analyse du second tour" ) brk.__begin_second_round__() while fullkey == None: msg, crypt, trace= tdb.get_trace() brk.process2(msg, trace) iteration+= 1 text= str(iteration).rjust(4) + " " if iteration >= second_round_begin + __ITERATION_THRESHOLD__: # When enough iterations, trying to guess subkeys # Computing new subkeys and stability mark loc_subkeys= brk.get_subkeys2() if loc_subkeys == subkeys2: stability+= 1 else: subkeys2= loc_subkeys stability= 0 # Gathering some informations text+= str(stability).rjust(3) text+= " " + str(subkeys2[0]).rjust(2) text+= " " + str(subkeys2[1]).rjust(2) text+= " " + str(subkeys2[2]).rjust(2) text+= " " + str(0).rjust(2) text+= " " + str(subkeys2[3]).rjust(2) text+= " " + str(0).rjust(2) text+= " " + str(subkeys2[4]).rjust(2) text+= " " + str(subkeys2[5]).rjust(2) # If subkeys have been stable for long enough, try to guess the full key if stability >= __STABILITY_THRESHOLD__: break # Flushing output out( text ) # End of Attack fullkey= brk.recover_full_key(subkeys, subkeys2) out( "# Key: " + str(fullkey) + "\n" ) fd.close()