Avr folder is missing in avrcryptolib folder

UsamaMuddassar · September 27, 2023, 7:08am

I am trying to implement des on my target and currently facing following issue:

…/./crypto/avrcryptolib//des/des.c:30:10: fatal error: avr/pgmspace.h: No such file or directory
30 | #include <avr/pgmspace.h>
| ^~~~~~~~~~~~~~~~
compilation terminated.
make[1]: *** […/./Makefile.inc:495: objdir-CWLITEARM/des.o] Error 1
make[1]: *** Waiting for unfinished jobs…

Where can I find avr folder as I have looked in hardware folder of Jupyter directory and couldn’t find it. Can you kindly tell me where I have to download it?

jpthibault · September 27, 2023, 1:04pm

avr/pgmspace.h is part of the avg-gcc toolchain; on my installation (Ubuntu), it’s /usr/lib/avr/include/avr/pgmspace.h.

You are likely getting this because you are trying to compile with CRYPTO_TARGET=AVRCRYPTOLIB (which is the default here and the only supported option) and PLATFORM=CWLITEARM. The AVRCRYPTOLIB only works with the XMEGA target (PLATFORM=CWLITEXMEGA).

UsamaMuddassar · September 28, 2023, 3:57am

@jpthibault where is this folder in Juypter notebook? I could not find this in the http://localhost:8888/tree

UsamaMuddassar · September 28, 2023, 6:25am

@jpthibault I have changed PLATFORM=CWLITEARM to PLATFORM=CWLITEXMEGA and CRYPTO_TARGET=AVRCRYPTOLIB, which is giving no error on burning hex file to platform. But when I tried to capture traces from it, it is giving “Timed out error”.

code:

from tqdm import tnrange
import numpy as np
import time
ktp = cw.ktp.Basic()
trace_array =
textin_array =
key, text = ktp.new_pair()
N = 50
for i in tnrange(N, desc=‘Capturing traces’):
scope.arm()
target.simpleserial_write(‘p’, text)
ret = scope.capture()
if ret:
print(“Target timed out!”)
continue
response = target.simpleserial_read(‘r’, 8)
trace_array.append(scope.get_last_trace())
textin_array.append(text)

Error:

(ChipWhisperer Scope WARNING|File _OpenADCInterface.py:642) Timeout in OpenADC capture(), no trigger seen! Trigger forced, data is invalid. Status: 0b
(ChipWhisperer Scope WARNING|File _OpenADCInterface.py:642) Timeout in OpenADC capture(), no trigger seen! Trigger forced, data is invalid. Status: 0a

jpthibault · September 29, 2023, 1:22pm

By default, the key and text generated by ktp.new_pair() are 16-byte arrays because that’s the key size and block size for AES. But the key and block size for DES are half that size, so you need to change the default:

ktp.text_len = 8
ktp.key_len = 8

BTW you can see in the simpleserial-des.c source that 8 bytes are expected for the ‘p’ and ‘k’ simpleserial commands, i.e.:
simpleserial_addcmd('p', 8, encrypt);

UsamaMuddassar · October 2, 2023, 3:47am

@jpthibault thanks a lot for your guidance.

UsamaMuddassar · October 2, 2023, 4:08am

@jpthibault I have written following code to crack DES, but it is giving me wrong key. I have edited Lab 3_3 Main and Hardware for DES (in sca101 folder).

Lab name:

Lab 3_3 - DPA on Firmware Implementation of AES (MAIN)-modes

sbox:

sbox=[0x02, 0x0C, 0x04, 0x01, 0x07, 0x0A, 0x0B, 0x06, 0x08, 0x05, 0x03, 0x0F, 0x0D, 0x00, 0x0E, 0x09,
0x0E, 0x0B, 0x02, 0x0C, 0x04, 0x07, 0x0D, 0x01, 0x05, 0x00, 0x0F, 0x0A, 0x03, 0x09, 0x08, 0x06,
0x04, 0x02, 0x01, 0x0B, 0x0A, 0x0D, 0x07, 0x08, 0x0F, 0x09, 0x0C, 0x05, 0x06, 0x03, 0x00, 0x0D,
0x0B, 0x08, 0x0C, 0x07, 0x01, 0x0E, 0x02, 0x0D, 0x06, 0x0F, 0x00, 0x09, 0x0A, 0x04, 0x05, 0x03,
0x0C, 0x01, 0x0A, 0x0F, 0x09, 0x02, 0x06, 0x08, 0x00, 0x0D, 0x03, 0x04, 0x0E, 0x07, 0x05, 0x0B,
0x0A, 0x0F, 0x04, 0x02, 0x07, 0x0C, 0x09, 0x05, 0x06, 0x01, 0x0D, 0x0E, 0x00, 0x0B, 0x03, 0x08,
0x09, 0x0E, 0x0F, 0x05, 0x02, 0x08, 0x0C, 0x03, 0x07, 0x00, 0x04, 0x0A, 0x01, 0x0D, 0x0B, 0x06,
0x04, 0x03, 0x02, 0x0C, 0x09, 0x05, 0x0F, 0x0A, 0x0B, 0x0E, 0x01, 0x07, 0x06, 0x00, 0x08, 0X0D,
0X04, 0X0B, 0X02, 0X0E, 0X0F, 0X00, 0X08, 0X0D, 0X03, 0X0C, 0X09, 0X07, 0X05, 0X0A, 0X06, 0X01,
0X0D, 0X00, 0X0B, 0X07, 0X04, 0X09, 0X01, 0X0A, 0X0E, 0X03, 0X05, 0X0C, 0X02, 0X0F, 0X08, 0X06,
0X01, 0X04, 0X0B, 0X0D, 0X0C, 0X03, 0X07, 0X0E, 0X0A, 0X0F, 0X06, 0X08, 0X00, 0X05, 0X09, 0X02,
0X06, 0X0B, 0X0E, 0X08, 0X01, 0X04, 0X0A, 0X07, 0X09, 0X05, 0X00, 0X0F, 0X0E, 0X02, 0X03, 0X0C,
0X0D, 0X02, 0X08, 0X04, 0X06, 0X0F, 0X0B, 0X01, 0X0A, 0X09, 0X03, 0X0E, 0X05, 0X00, 0X0C, 0X07,
0X01, 0X0F, 0X0D, 0X08, 0X0A, 0X03, 0X07, 0X04, 0X0C, 0X05, 0X06, 0X0B, 0X00, 0X0E, 0X09, 0X02,
0X07, 0X0B, 0X04, 0X01, 0X09, 0X0C, 0X0E, 0X02, 0X00, 0X06, 0X0A, 0X0D, 0X0F, 0X03, 0X05, 0X08,
0X02, 0X01, 0X0E, 0X07, 0X04, 0X0A, 0X08, 0X0D, 0X0F, 0X0C, 0X09, 0X00, 0X03, 0X05, 0X06, 0X0B]

rest of code is same as it was same for AES. Should I use different code to break DES? Kindly guide me regarding this as well.

UsamaMuddassar · October 17, 2023, 10:48am

@jpthibault I have managed to run the code using AVRCRYPTOLIB and successfully captured traces, but I am getting wrong key of DES. Kindly guide me

Key_known [0] = 0xE9
0xE3
0x42
0xD0
0x9F
0x0C
0x63
0xB5

guessed key

Subkey KGuess Correlation
00 0x2D 0.43935
01 0x34 0.40736
02 0x07 0.49465
03 0x3D 0.41528
04 0x23 0.44157
05 0x07 0.42139
06 0x3C 0.45092
07 0x1F 0.41281

jpthibault · October 17, 2023, 2:07pm

Hi Usama,

You cannot take an AES leakage model and just swap the AES sbox for the DES sbox.
We used to have a DES tutorial, which you can see calls for a different leakage model; we have not kept it up to date due to lack of interest.

UsamaMuddassar · October 18, 2023, 4:17am

@jpthibault I have used same DES leakage model as mentioned in the tutorial. But it is not giving correct round 1 key. Kindly guide me regarding this. Do I need to change the SBox in theDES.py file?

Also, I am setting key as following (I want to ask if it is correct or not?)

from tqdm import tnrange
ktp = cw.ktp.Basic()
ktp.fixed_key = False
ktp.fixed_text = False
ktp.key_len = 8
ktp.text_len = 8
target.output_len = 8
for i in tnrange(num_traces, desc=‘Capturing traces’):
key,text = ktp.next() # manual creation of a key, text pair can be substituted here
scope.arm()
trace = cw.capture_trace(scope, target, text, key)
if trace is None:
continue
project.traces.append(trace)
plot.send(trace)
print(key)

jpthibault · October 18, 2023, 12:40pm

Can you show me the attack portion of your script?

UsamaMuddassar · October 20, 2023, 4:32am

@jpthibault sure, following is code to capture traces:

from tqdm import tnrange
ktp = cw.ktp.Basic()
ktp.fixed_key = False
ktp.fixed_text = False
ktp.key_len = 8
ktp.text_len = 8
target.output_len = 8
for i in tnrange(num_traces, desc=‘Capturing traces’):
key,text = ktp.next() # manual creation of a key, text pair can be substituted here
scope.arm()
key=bytearray([0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6])
trace = cw.capture_trace(scope, target, text, key)
if trace is None:
continue
project.traces.append(trace)
plot.send(trace)
print(key)

and the attack part is as follows:

import chipwhisperer as cw
import chipwhisperer.analyzer as cwa
proj = cw.open_project(“projects/Tutorial_B5”)

I have saved the DES.py code as DESnew.py

from chipwhisperer.analyzer.attacks.models.DESnew import DES, SBox_output
leak_model = DES(SBox_output)

printing attack details:

attack = cwa.cpa(proj, leak_model)
print(attack)

running attack:

results = attack.run()
results

UsamaMuddassar · October 23, 2023, 7:09am

@jpthibault I am waiting for your reply