Skip to content

Commit 81248c1

Browse files
author
lolololol
committed
xtea broken key2 key3 overwritten lol
1 parent ee70232 commit 81248c1

File tree

4 files changed

+91
-7
lines changed

4 files changed

+91
-7
lines changed

cpa.py

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
import sparkgap.attack
1313

1414
TRACE_OFFSET = 0
15-
TRACE_LENGTH = 0
15+
TRACE_LENGTH = None
1616
TRACE_MAX = 0
1717

1818
CONFIG_PLOT = True
@@ -119,15 +119,19 @@ def usage():
119119
elif opt in ("-f","--file"):
120120
fn = arg
121121
print("TRACE_OFFSET = %d" % TRACE_OFFSET)
122-
print("TRACE_LENGTH = %d" % TRACE_LENGTH)
122+
if TRACE_LENGTH is None:
123+
print("Delayed loading TRACE_LENGTH")
124+
else:
125+
print("TRACE_LENGTH = %d" % TRACE_LENGTH)
123126
if fn is None:
124127
print("You must specify a file with -f")
125128
sys.exit(0)
126129
print("Stage 1: Loading plaintexts...")
127130
tm = sparkgap.filemanager.TraceManager(fn)
128131
# tm.mapBlocks()
129-
if TRACE_LENGTH == 0:
130-
TRACE_LENGTH = tm.numPoints
132+
if TRACE_LENGTH is None:
133+
TRACE_LENGTH = len(tm.traces[0]) - TRACE_OFFSET
134+
print("TRACE_LENGTH = %d" % TRACE_LENGTH)
131135
print("Stage 2: Deriving key... wish me luck!")
132136
if CONFIG_PLOT:
133137
resultViz = sparkgap.resultviz.VisualizerApp()

emu/xtea_loader.py

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@
2323
elif arg in ("-f","--file"):
2424
CONFIG_INFILE = val
2525
elif arg in ("-c","--count"):
26-
CONFIG_COUNT = val
26+
CONFIG_COUNT = int(val)
2727

2828
if CONFIG_INFILE is None or CONFIG_OUTFILE is None:
2929
print("You must populate both -f and -w")
@@ -38,13 +38,16 @@
3838
DOXTEA_END = 0x84c4
3939

4040
rand_input = np.array([random.randint(0,0xFF) for i in range(0,8)],dtype=np.uint8)
41-
emu[KEY_ADDR] = bytes(rand_input[0:4])
42-
emu[KEY_ADDR+4] = bytes(rand_input[4:8])
41+
key_str = " ".join(["%02x" % p for p in rand_input])
42+
43+
print("Key is %s" % key_str)
4344

4445
for i in range(0,CONFIG_COUNT):
4546
emu = rainbow_arm(trace_config=TraceConfig(register=HammingWeight()))
4647
emu.load(CONFIG_INFILE)
4748
emu.setup()
49+
emu[KEY_ADDR] = bytes(rand_input[0:4])
50+
emu[KEY_ADDR+4] = bytes(rand_input[4:8])
4851
rand_input = np.array([random.randint(0,0xFF) for i in range(0,8)],dtype=np.uint8)
4952
emu[DATA_ADDR] = bytes(rand_input[0:4])
5053
emu[DATA_ADDR + 4] = bytes(rand_input[4:8])
@@ -61,3 +64,4 @@
6164
gc.collect()
6265

6366
cs.save(CONFIG_OUTFILE)
67+
print("Reminder: Key is %s" % key_str)

time_test.py

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
#!/usr/bin/env python3
2+
3+
import cProfile
4+
5+
in_num = 0x12345678
6+
7+
def method1(number):
8+
return bin(number).count("1")
9+
10+
def method2(number):
11+
totalI = 0
12+
for i in range(0,32):
13+
totalI += (number >> i) & 1
14+
return totalI
15+
16+
def test_method1():
17+
for i in range(0,50000):
18+
method1(0x12345678)
19+
20+
def test_method2():
21+
for i in range(0,50000):
22+
method2(0x12345678)
23+
24+
cProfile.run("test_method1()")
25+
cProfile.run("test_method2()")

xtea_model.py

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
#!/usr/bin/env python3
2+
3+
# XTEA needs two rounds to attack
4+
# try1 yields KEY0 ???1 ???2 KEY3
5+
# try2 yields ???0 KEY1 KEY2 ???3
6+
7+
import numpy as np
8+
import math
9+
10+
class AttackModel:
11+
def __init__(self):
12+
self.keyLength = 2
13+
self.fragmentMax = 0x100000000
14+
self.HW_LUT = [bin(x).count("1") for x in range(0,0x100)]
15+
16+
def loadPlaintextArray(self,plaintexts):
17+
print("Loading plaintext array for XTEA HW Attack")
18+
self.pt = plaintexts
19+
print("[Preprocessing] creating v0 and v1 arrays...")
20+
self.v0 = np.zeros(len(self.pt),np.uint32)
21+
self.v1 = np.zeros(len(self.pt),np.uint32)
22+
self.intval_left = np.zeros(len(self.pt),np.uint32)
23+
self.intval_right = np.zeros(len(self.pt),np.uint32)
24+
for tnum in range(0,len(self.pt)):
25+
v0 = self.pt[tnum][0] + self.pt[tnum][1] * 0x100 + self.pt[tnum][2] * 0x10000 + self.pt[tnum][3] * 0x1000000
26+
v1 = self.pt[tnum][4] + self.pt[tnum][5] * 0x100 + self.pt[tnum][6] * 0x10000 + self.pt[tnum][7] * 0x1000000
27+
self.v0[tnum] = ((v1 << 4 ^ v1 >> 5) + v1)
28+
self.v1[tnum] = ((v0 << 4 ^ v0 >> 5) + v0)
29+
print("[Preprocessing] v0 and v1 arrays done")
30+
31+
def loadCiphertextArray(self,ct):
32+
print("Loading plaintext array for XTEA HW Attack")
33+
self.ct = ct
34+
35+
def genIVal(self,tnum,bnum,kguess):
36+
if bnum == 0:
37+
return bin(self.v0[tnum] ^ kguess).count("1")
38+
else:
39+
return bin(self.v1[tnum] ^ kguess).count("1")
40+
41+
def genIValRaw(self,tnum,bnum,kguess):
42+
if bnum == 0:
43+
return self.v0[tnum] ^ kguess
44+
else:
45+
return self.v1[tnum] ^ kguess
46+
47+
def distinguisher(self,tnum,bnum,kguess):
48+
return self.genIValRaw(tnum,bnum,kguess) % 2 == 0
49+
50+
if __name__ == "__main__":
51+
print("This is a test file for external loading of attack models")

0 commit comments

Comments
 (0)