Pinata is a development board (ARM Cortex-M4F) that has been modified and programmed in order to be a training target for Side Channel Analysis (SCA) and Fault Injection (FI) attacks.
This section details the functions that Pinata is able to perform (additional details can be found in the manual).
| Abbreviation | Meaning |
|---|---|
| ENC | Encrypt |
| DEC | Decrypt |
| SIG | Sign |
| VER | Verify |
| SW | HW | ||
|---|---|---|---|
| DES | |||
| Standard | ENC, DEC | ENC, DEC | |
| Countermeasures (selectable) | ENC | - | |
| 3DES2 | |||
| Standard | ENC, DEC | ENC, DEC |
| SW | HW | ||
|---|---|---|---|
| AES-128 | |||
| Standard | ENC, DEC | ENC, DEC | |
| Countermeasures (selectable) | ENC, DEC | - | |
| T-tables | ENC, DEC | - | |
| Masked | ENC, DEC | - | |
| AES-256 | |||
| Standard | ENC, DEC | ENC, DEC |
| SW | HW | ||
|---|---|---|---|
| SM4 | |||
| Textbook | ENC, DEC | - | |
| OpenSSL | ENC, DEC | - |
| SW | HW | ||
|---|---|---|---|
| PRESENT | |||
| Textbook | ENC, DEC | - |
| SW | HW | ||
|---|---|---|---|
| RSA-1024 | |||
| CRT | DEC | - | |
| RSA-512 | |||
| SFM: Full | DEC | - | |
| SFM: Exponentiation only | DEC | - |
| SW | HW | ||
|---|---|---|---|
| ECC25519 | - | ||
| Scalar multiplication | v | - |
| SW | HW | ||
|---|---|---|---|
| SM2 | - | ||
| Standard | ENC, DEC, SIG | - |
| SW | HW | ||
|---|---|---|---|
| CRYSTALS-Dilithium | - | ||
| LEVEL2 | - | - | |
| LEVEL3 | SIG, VER | - | |
| LEVEL5 | - | - | |
| CRYSTALS-Kyber | |||
| 512 | ENC, DEC | - | |
| 768 | - | - | |
| 1024 | - | - | |
| 512-90s | - | - | |
| 768-90s | - | - | |
| 1024-90s | - | - |
| SW | HW | ||
|---|---|---|---|
| SHA1 | |||
| Standard | - | v | |
| Hardware only |
| SW | HW | ||
|---|---|---|---|
| SHA1 | |||
| Standard | ENC | - |
| SW | HW | ||
|---|---|---|---|
| SM3 | |||
| Standard | v | - |
You can build pinata firmware either using wsl or on a native linux machine. The description bellow is based on an UBUNTU 22.04 machine. These steps will also work for wsl, but to get access to the Pinata board in wsl, see the troubleshooting steps about Windows and wsl.
For cross - compiling the STM32F4Discovery board, you will need a gcc-arm-none-eabi toolchain and cmake
sudo apt-get install gcc-arm-none-eabi cmakeFor flashing the STM32F4Discovery board, you will need the dfu-util toolkit:
sudo apt-get install dfu-utilFor cross-compiling pinata:
cmake -DCMAKE_TOOLCHAIN_FILE=gcc-arm-none-eabi.toolchain.cmake -S. -Bbuild && cmake --build buildThis will compile all Pinata variations. Output binaries can be found in the build folder.
Example of compiling a particular firmware:
cmake --build build --target classic_binAdd a udev rule for the Pinata:
sudo mkdir -p /etc/udev/rules.d && echo 'SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", MODE="0666", GROUP="plugdev"' | sudo tee /etc/udev/rules.d/69-pinata.rulesAdd user to the plugdev group:
sudo usermod -a -G plugdev $USERCheck if the physical Pinata is connected to the build machine using the micro USB port on the Pinata.
Run the following command for flashing classic firmware
cmake --build build --target classic_flashNote that this command also makes sure the firmware binary is up-to-date, so for quick iteration loops you can just always run this after editing source code.
For more information on testing Pinata functionality, see PinataTests/README.md.
lsusbExample output:
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 003: ID 0483:df11 STMicroelectronics STM Device in DFU Mode
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
dfu-util --listExample output:
Found DFU: [0483:df11] ver=2200, devnum=3, cfg=1, intf=0, path="2-2", alt=3, name="@Device Feature/0xFFFF0000/01*004 e", serial="208338865643"
Found DFU: [0483:df11] ver=2200, devnum=3, cfg=1, intf=0, path="2-2", alt=2, name="@OTP Memory /0x1FFF7800/01*512 e,01*016 e", serial="208338865643"
Found DFU: [0483:df11] ver=2200, devnum=3, cfg=1, intf=0, path="2-2", alt=1, name="@Option Bytes /0x1FFFC000/01*016 e", serial="208338865643"
Found DFU: [0483:df11] ver=2200, devnum=3, cfg=1, intf=0, path="2-2", alt=0, name="@Internal Flash /0x08000000/04*016Kg,01*064Kg,07*128Kg", serial="208338865643"
In case you want to do a back up of Pinata firmware before you flash it:
dfu-util -a 0 -s 0x08000000:97812 -U backup.binUse the symbolic links in /dev/serial/by-id.
Baud rate: 115200 Word length: 8 bits Stop bits: 1 Parity: no Flow control: disabled
You need to be part of the dialout group to be able to open serial ports. Run
sudo usermod -a -G dialout $USERIf you are planning to program the Pinata using wsl or from a virtual machine in Windows, the operating system must first be able to recognize the Pinata hardware device. For that, you must install the USB driver for the device, which can be found here: https://www.st.com/en/development-tools/stsw-link009.html.
In order for wsl to have access to the pinata board, the USB port on which the board is connect needs to be connected to wsl. This can be done by following the following guide: https://learn.microsoft.com/en-us/windows/wsl/connect-usb.