pyecsca.sca.re.rpa module

Provides functionality inspired by the Refined-Power Analysis attack by Goubin [RPA].

class pyecsca.sca.re.rpa.MultipleContext

Bases: Context

Context that traces the multiples of points computed.

base: Optional[Point]

The base point that all the multiples are counted from.

points: MutableMapping[Point, int]

The mapping of points to the multiples they represent (e.g., base -> 1).

parents: MutableMapping[Point, List[Point]]

The mapping of points to the parent points they were computed from.

formulas: MutableMapping[Point, str]

The mapping of points to the formula types they are a result of.

inside: bool

enter_action(action)

Enter into an action (i.e. start executing it).

Parameters:

action (Action) – The action.

Return type:

None

exit_action(action)

Exit from an action (i.e. stop executing it).

Parameters:

action (Action) – The action.

Return type:

None

pyecsca.sca.re.rpa.rpa_point_0y(params)

Construct an (affine) [RPA] point (0, y) for given domain parameters.

Return type:

Optional[Point]

pyecsca.sca.re.rpa.rpa_point_x0(params)

Construct an (affine) [RPA] point (x, 0) for given domain parameters.

Return type:

Optional[Point]

pyecsca.sca.re.rpa.rpa_input_point(k, rpa_point, params)

Construct an (affine) input point P that will lead to an RPA point [k]P.

Return type:

Point

pyecsca.sca.re.rpa.rpa_distinguish(params, multipliers, oracle, bound=None, tries=10, majority=1, use_init=True, use_multiply=True)

Distinguish the scalar multiplier used (from the possible multipliers) using an [RPA] oracle.

Parameters:
  • params (DomainParameters) – The domain parameters to use.

  • multipliers (List[ScalarMultiplier]) – The list of possible multipliers.

  • oracle (Callable[[int, Point], bool]) – An oracle that returns True when an RPA point is encountered during scalar multiplication of the input by the scalar.

  • bound (Optional[int]) – A bound on the size of the scalar to consider.

  • tries (int) – Number of tries to get a non-trivial tree.

  • majority (int) – Query the oracle up to majority times and take the majority vote of the results.

  • use_init (bool) – Whether to consider the point multiples that happen in scalarmult initialization.

  • use_multiply (bool) – Whether to consider the point multiples that happen in scalarmult multiply (after initialization).

Return type:

Set[ScalarMultiplier]

Returns:

The set of possible multipliers after distinguishing (ideally just one).
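The objects documented above can be made concrete on a toy curve. The following is an added example, not pyecsca code: plain Python on a constructed 19-point curve, with hypothetical names (`ltr`, `rtl`, `toy_point_0y`, `toy_input_point`, `oracle`). It records the multiples two double-and-add variants compute, in the shape of `MultipleContext.points`, and builds an input point as [m^-1 mod n] of the (0, y) point, which is one way to obtain a P with [m]P equal to that point.

```python
# Constructed toy curve y^2 = x^3 + 2x + 2 over F_17 (prime group order 19).
P_MOD, A, B, ORDER = 17, 2, 2, 19

def add(p, q):
    """Affine point addition; None is the point at infinity."""
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ltr(k, base):
    """Left-to-right double-and-add; returns (result, {point: multiple})."""
    r, m, seen = base, 1, {base: 1}
    for bit in bin(k)[3:]:
        r, m = add(r, r), 2 * m
        seen[r] = m
        if bit == "1":
            r, m = add(r, base), m + 1
            seen[r] = m
    return r, seen

def rtl(k, base):
    """Right-to-left double-and-add with the same return shape."""
    r, rm, q, qm, seen = None, 0, base, 1, {base: 1}
    while k:
        if k & 1:
            r, rm = add(r, q), rm + qm
            seen[r] = rm
        k >>= 1
        if k:
            q, qm = add(q, q), 2 * qm
            seen[q] = qm
    return r, seen

def toy_point_0y():
    """Point (0, y); exists only when b is a square modulo p."""
    return next(((0, y) for y in range(P_MOD) if (y * y - B) % P_MOD == 0), None)

def toy_input_point(m, rpa_point):
    """P with [m]P == rpa_point, computed as [m^-1 mod n] rpa_point."""
    return ltr(pow(m, -1, ORDER), rpa_point)[0]

def oracle(multiplier, k, point):
    """True if any point computed while evaluating [k]point has x == 0."""
    return any(pt is not None and pt[0] == 0 for pt in multiplier(k, point)[1])
```

With k = 11, the input built for multiple 5 triggers the oracle only under `ltr` and the one built for multiple 3 only under `rtl`, because the two algorithms pass through different multiples of the input.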

class pyecsca.sca.re.rpa.RPA(configs)

Bases: RE

tree: Optional[Tree] = None

configs: Set[Any]

params: Optional[DomainParameters] = None

P0: Optional[Point] = None

scalars: Optional[List[int]] = None

build_tree(params, tries=10, bound=None, use_init=True, use_multiply=True)

run(oracle, majority=1)

Return type:

Set[ScalarMultiplier]