/*
  eggTimer.java

  6.857: Network and Computer Security 
  November 20, 2001 
  Shalini Agarwal, Steve Bull, Christine Karlovich, Casey Muller
*/

import java.io.*;
import java.util.*;

public class eggTimer
{
    static final int TIME = 0;
    static final int TRIALS = 1;

    public static void main(String args[]) throws Exception
    {
	
	int experiments = 6272; 
	int rounds = 3;

	Random rnd = new Random();
	eggSmartCard egg = new eggSmartCard();

	short[] key = new short[32];
	String key_string;

	float[][] scramble_time_0 = new float[192][2]; // corresponds to input (plaintext) bit being 0
	float[][] scramble_time_1 = new float[192][2];

	short[] plaintext = new short[8];
	short[] ciphertext = new short[8];
	byte[] temp_bytes = new byte[8];
	float scramble_time;
	float avg_scramble;
	int decision_pt;

	int i;
	int j;
	int k;
	int l;
	int n;
	int r;
	short antimask;

	short[][] all_plaintexts = new short[experiments][8];
	float[] all_scrambletimes = new float[experiments];

	for (n=0; n<experiments; n++) {
	    rnd.nextBytes(temp_bytes);
	    for (i=0; i<8; i++) {
		all_plaintexts[n][i] = (short) (((short)temp_bytes[i]+256) % 256);
		}	
	    all_scrambletimes[n] = egg.timeScramble(all_plaintexts[n], ciphertext);
	}

  	for (r=0; r<rounds; r++) {

	    for (n=0; n<experiments; n++) {
		for (i=0; i<8; i++) {
		    plaintext[i] = all_plaintexts[n][i];
		}
		scramble_time = all_scrambletimes[n];

		for (l=0; l<r; l++) {
		    for (i=0; i<8; i++) {
			plaintext[i] ^= key[i+8*l];
		    }
		    scramble_time -= eggSmartCard.onesIn(plaintext);
		    eggSmartCard.f(eggSmartCard.M,plaintext);
		    for (i=0; i<8; i++) {
			plaintext[i] = eggSmartCard.sbox[plaintext[i]];
		    }
		}

		for (k=8*r; k<8*r+8; k++) {
		    for (j=0; j<8; j++) {
			antimask = (short) (0x80 >>> j);
			if ((plaintext[k-8*r] & antimask) == 0) {
			    scramble_time_0[8*k+j][TIME] += scramble_time;
			    scramble_time_0[8*k+j][TRIALS]++;
			} else {
			    scramble_time_1[8*k+j][TIME] += scramble_time;
			    scramble_time_1[8*k+j][TRIALS]++;
			}
		    }
		}
	    }

	    decision_pt = 32*(rounds-r-1) + 32;

	    for (k=8*r; k<8*r+8; k++) {
		for (j=0; j<8; j++) {
		    antimask = (short) (0x80 >>> j);
		    if (scramble_time_0[8*k+j][TRIALS] > scramble_time_1[8*k+j][TRIALS]) {
			avg_scramble = scramble_time_0[8*k+j][TIME] / scramble_time_0[8*k+j][TRIALS];
			if (avg_scramble < decision_pt) {
			    key[k] &= 0xFF - antimask;
			} else {
			    key[k] |= antimask;
			}    
		    } else {
			avg_scramble = scramble_time_1[8*k+j][TIME] / scramble_time_1[8*k+j][TRIALS];
			if (avg_scramble < decision_pt) {
			    key[k] |= antimask;
			} else {
			    key[k] &= 0xFF - antimask;
			}    
		    }
		}
	    }
	}

	for (i=0; i<8; i++) {
	    plaintext[i] = all_plaintexts[experiments-1][i];
	    // the ciphertext for this last experiment is still in "ciphertext"
	}
	for (r=0; r<rounds; r++) {
	    for (i=0; i<8; i++) {
		plaintext[i] ^= key[i+8*r];
	    }
	    eggSmartCard.f(eggSmartCard.M,plaintext);
	    for (i=0; i<8; i++) {
		plaintext[i] = eggSmartCard.sbox[plaintext[i]];
	    }
	}
	for (i=0; i<8; i++) {
	    key[8*rounds+i] = (short) (plaintext[i] ^ ciphertext[i]);
	}

	key_string = convert(key);
	System.out.println(key_string.substring(0,47));
	System.out.println(key_string.substring(48,95));
	System.out.println(key_string.substring(96,143));
	System.out.println(key_string.substring(144,190));

    }

    /* most of the following code was borrowed from Apache */
    public static String convert(short[] bytes) {
        StringBuffer sb = new StringBuffer(bytes.length * 2);
        for (int i = 0; i < bytes.length; i++) {
	    sb.append("0x");
            sb.append(convertDigit((int) (bytes[i] >> 4)));
            sb.append(convertDigit((int) (bytes[i] & 0x0f)));
	    sb.append(", ");
        }
        return (sb.toString());

    }

    private static char convertDigit(int value) {
        value &= 0x0f;
        if (value >= 10)
            return ((char) (value - 10 + 'A'));
        else
            return ((char) (value + '0'));

    }
}