tacet 0.4.2

Detect timing side channels in cryptographic code
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291

//! Main power analysis function.
//!
//! This module provides the entry point for power side-channel analysis,
//! connecting the feature extraction pipeline to the Bayesian inference engine.

use super::config::Config;
use super::dataset::Dataset;
use super::features::{compute_class_difference, compute_pooled_covariance, extract_features};
use super::report::{DimensionInfo, PowerDiagnostics, PowerOutcome, Report};

/// Analyze a dataset for power side-channel leakage.
///
/// This is the main entry point for power analysis. It:
/// 1. Validates the dataset
/// 2. Extracts features from traces
/// 3. Computes class difference and covariance
/// 4. Runs Bayesian inference
/// 5. Returns a detailed report
///
/// # Arguments
///
/// * `dataset` - The dataset to analyze
/// * `config` - Analysis configuration
///
/// # Returns
///
/// A `Report` containing the analysis results, including leak probability,
/// effect estimates, and localization information.
///
/// # Example
///
/// ```ignore
/// use tacet::power::{Dataset, Trace, Class, Config, analyze};
///
/// let traces = vec![
///     Trace::new(Class::Fixed, vec![1.0, 2.0, 3.0, 4.0]),
///     Trace::new(Class::Random, vec![1.1, 2.1, 3.1, 4.1]),
/// ];
/// let dataset = Dataset::new(traces);
/// let config = Config::default();
/// let report = analyze(&dataset, &config);
///
/// println!("Leak probability: {:.1}%", report.leak_probability * 100.0);
/// ```
pub fn analyze(dataset: &Dataset, config: &Config) -> Report {
    // 1. Validate dataset
    if let Err(e) = dataset.validate() {
        let dim = DimensionInfo::new(config.feature_dimension(), 0.0);
        return Report::new(
            PowerOutcome::Inconclusive {
                reason: format!("Dataset validation failed: {}", e),
                leak_probability: 0.5,
            },
            dim,
        );
    }

    // 2. Extract features
    let features = extract_features(dataset, config);

    // 3. Compute statistics
    let difference = compute_class_difference(&features);
    let _covariance = compute_pooled_covariance(&features);

    // 4. Compute effective sample size
    // For now, use simple pooled n_eff (will integrate IACT later)
    let n_fixed = features.fixed_count();
    let n_random = features.random_count();
    let n_total = n_fixed + n_random;
    let n_eff = (n_fixed as f64 * n_random as f64) / n_total as f64;

    // 5. Dimension info
    let d = features.dimension;
    let dim_info = DimensionInfo::new(d, n_eff);

    // 6. Compute max effect (simple approach for now)
    let max_effect = difference
        .iter()
        .map(|v| v.abs())
        .max_by(|a, b| a.partial_cmp(b).unwrap())
        .unwrap_or(0.0);

    // 7. Estimate noise floor (θ_floor)
    // Use standard error of the difference as a proxy
    let se_per_dim: Vec<f64> = difference
        .iter()
        .enumerate()
        .map(|(i, _)| {
            // Compute standard error for this dimension
            let mut var_fixed = 0.0;
            let mut var_random = 0.0;

            for tf in &features.fixed {
                let diff = tf.features[i] - difference[i];
                var_fixed += diff * diff;
            }
            for tf in &features.random {
                let diff = tf.features[i];
                var_random += diff * diff;
            }

            if n_fixed > 1 {
                var_fixed /= (n_fixed - 1) as f64;
            }
            if n_random > 1 {
                var_random /= (n_random - 1) as f64;
            }

            let pooled_var = var_fixed / n_fixed as f64 + var_random / n_random as f64;
            pooled_var.sqrt()
        })
        .collect();

    let theta_floor = se_per_dim
        .iter()
        .max_by(|a, b| a.partial_cmp(b).unwrap())
        .copied()
        .unwrap_or(0.0);

    let theta_eff = theta_floor * config.floor_multiplier;

    // 8. Simple decision logic (will be replaced with full Bayesian inference)
    // For now, use a t-test-like approach
    let max_t_stat = if theta_floor > 1e-10 {
        max_effect / theta_floor
    } else {
        0.0
    };

    // Rough approximation of leak probability based on t-statistic
    // This will be replaced with proper Bayesian posterior computation
    let leak_probability = if max_t_stat > 0.0 {
        // Use normal CDF approximation via statrs
        use statrs::distribution::{ContinuousCDF, Normal};
        let normal = Normal::new(0.0, 1.0).unwrap();
        normal.cdf(max_t_stat)
    } else {
        0.5
    };

    // 9. Determine outcome
    let outcome = if leak_probability < config.pass_threshold {
        PowerOutcome::Pass {
            leak_probability,
            max_effect,
        }
    } else if leak_probability > config.fail_threshold {
        // Simple CI estimate (will be replaced with posterior CI)
        let ci_width = 1.96 * theta_floor;
        PowerOutcome::Fail {
            leak_probability,
            max_effect,
            max_effect_ci95: (max_effect - ci_width, max_effect + ci_width),
        }
    } else {
        PowerOutcome::Inconclusive {
            reason: "Posterior probability between thresholds".to_string(),
            leak_probability,
        }
    };

    // 10. Build diagnostics
    let diagnostics = PowerDiagnostics {
        n_fixed,
        n_random,
        n_total,
        n_eff,
        iact_fixed: 1.0,
        iact_random: 1.0,
        iact_combined: 1.0,
        theta_floor,
        block_length: 1,
        gibbs_samples: 0,
        gibbs_burnin: 0,
        convergence: None,
        warnings: Vec::new(),
    };

    // 11. Build report
    let mut report = Report::new(outcome, dim_info);
    report.max_effect = max_effect;
    report.theta_floor = theta_floor;
    report.floor_multiplier = config.floor_multiplier;
    report.theta_eff = theta_eff;
    report.units = dataset.units.clone();
    report.feature_family = config.feature_family;
    report.diagnostics = diagnostics;

    report
}

#[cfg(test)]
mod tests {
    use super::super::config::PreprocessingConfig;
    use super::super::dataset::{Class, Trace};
    use super::*;

    #[test]
    fn test_analyze_empty_dataset() {
        let dataset = Dataset::new(vec![]);
        let config = Config::default();
        let report = analyze(&dataset, &config);

        assert!(!report.outcome.is_conclusive());
    }

    #[test]
    fn test_analyze_identical_classes() {
        // Create traces with nearly identical values between classes
        let traces: Vec<Trace> = (0..50)
            .map(|i| {
                let class = if i % 2 == 0 {
                    Class::Fixed
                } else {
                    Class::Random
                };
                Trace::new(class, vec![1.0, 2.0, 3.0, 4.0])
            })
            .collect();

        let dataset = Dataset::new(traces);
        let mut config = Config::new().with_partitions(2);
        // Disable preprocessing to test raw data comparison
        config.preprocessing = PreprocessingConfig::none();

        let report = analyze(&dataset, &config);

        // With identical data, max_effect should be ~0
        assert!(
            report.max_effect.abs() < 1e-6,
            "max_effect should be ~0 for identical data, got {}",
            report.max_effect
        );
    }

    #[test]
    fn test_analyze_different_classes() {
        // Create traces with clear difference between classes
        let mut traces = Vec::new();

        // Fixed class: higher values
        for i in 0..25 {
            traces.push(Trace::with_id(
                Class::Fixed,
                vec![10.0, 20.0, 30.0, 40.0],
                i as u64,
            ));
        }

        // Random class: lower values
        for i in 25..50 {
            traces.push(Trace::with_id(
                Class::Random,
                vec![0.0, 1.0, 2.0, 3.0],
                i as u64,
            ));
        }

        let dataset = Dataset::new(traces);
        let mut config = Config::new().with_partitions(2);
        config.preprocessing = PreprocessingConfig::none();

        let report = analyze(&dataset, &config);

        // With clear difference, should have high leak probability
        assert!(report.leak_probability > 0.9);
        assert!(report.max_effect > 5.0);
    }

    #[test]
    fn test_analyze_report_fields() {
        let traces = vec![
            Trace::new(Class::Fixed, vec![1.0, 2.0, 3.0, 4.0]),
            Trace::new(Class::Fixed, vec![1.1, 2.1, 3.1, 4.1]),
            Trace::new(Class::Random, vec![1.0, 2.0, 3.0, 4.0]),
            Trace::new(Class::Random, vec![0.9, 1.9, 2.9, 3.9]),
        ];

        let dataset = Dataset::new(traces);
        let config = Config::new().with_partitions(2).with_floor_multiplier(3.0);

        let report = analyze(&dataset, &config);

        // Check that fields are populated
        assert_eq!(report.diagnostics.n_fixed, 2);
        assert_eq!(report.diagnostics.n_random, 2);
        assert_eq!(report.dimension.d, 2);
        assert!(report.diagnostics.n_eff > 0.0);
        assert_eq!(report.floor_multiplier, 3.0);
    }
}