1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
import random
import pytest
from pyecsca.ec.mult import LTRMultiplier
from pyecsca.sca.attack.CPA import CPA
from pyecsca.sca.attack.DPA import DPA
from pyecsca.sca.attack.leakage_model import HammingWeight, NormalNoice
from pyecsca.sca.target import LeakageTarget
@pytest.fixture()
def mult(secp128r1):
return LTRMultiplier(
secp128r1.curve.coordinate_model.formulas["add-2015-rcb"],
secp128r1.curve.coordinate_model.formulas["dbl-2015-rcb"],
)
@pytest.fixture()
def target(secp128r1, mult):
target = LeakageTarget(
secp128r1.curve.model, secp128r1.curve.coordinate_model, mult, HammingWeight()
)
target.set_params(secp128r1)
return target
def test_dpa(secp128r1, mult, target, mocker):
random.seed(1337)
def randbelow(n):
return random.randrange(n)
mocker.patch("secrets.randbelow", randbelow)
scalar = 5
pub = secp128r1.curve.affine_multiply(
secp128r1.generator.to_affine(), scalar
).to_model(secp128r1.curve.coordinate_model, secp128r1.curve)
points, traces = target.simulate_scalar_mult_traces(200, scalar)
dpa = DPA(points, traces, mult, secp128r1)
res = dpa.perform(3, pub)
assert res == 5
def test_cpa(secp128r1, mult, target, mocker):
random.seed(1337)
def randbelow(n):
return random.randrange(n)
mocker.patch("secrets.randbelow", randbelow)
scalar = 5
pub = secp128r1.curve.affine_multiply(
secp128r1.generator.to_affine(), scalar
).to_model(secp128r1.curve.coordinate_model, secp128r1.curve)
points, original_traces = target.simulate_scalar_mult_traces(100, scalar)
for _ in range(5):
noise = NormalNoice(0, 2)
traces = [noise(trace) for trace in original_traces]
cpa = CPA(points, traces, HammingWeight(), mult, secp128r1)
res = cpa.perform(3, pub)
assert res == 5
|
