Skip to content

These are three PowerShell scripts that demonstrate in a very basic manner what timing side-channel vulnerabilities are.

License

Notifications You must be signed in to change notification settings

mpb10/Timing-Side-Channel-Vulnerability

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 

Repository files navigation

Timing-Side-Channel-Vulnerability

https://github.com/mpb10/Timing-Side-Channel-Vulnerability

These are three PowerShell scripts that demonstrate in a very basic manner what timing side-channel vulnerabilities are.

Author: mpb10

April 25th, 2018

v1.0.0

In a very, very basic manner, these three scripts represent a login server that compares a user provided password hash with a stored password hash. If the two hashes match, the user is "authenticated".

USAGE

To use the scripts, run them via the PowerShell command line and provide two string parameters that are 32 characters in length each (these represent MD5 hashes).

Example: .\VulnerableScript.ps1 5f4dcc3b5aa765d61d8327deb882cf99 5f4dcc3b5aa763dfj63575d83eb2c3go

EXPLANATION

The VulnerableScript.ps1 script is vulnerable to timing side-channel attacks because the script exits the while-loop used in the hash comparison and returns the results as soon as it realizes they do not match. An attacker can pay attention to how long it took the script to compare the hashes in order to tell how close their hash is to the actual one.

The SecureScript-Option1.ps1 script fixes this vulnerability by always taking a set amount of time to return the results of the comparison to the user, even if the script realizes that the hashes don't match and exits the while-loop early on. The SecureScript-Option2.ps1 script fixes this vulnerability in a different way by continuing through the while-loop even after the script realizes that the hashes don't match. The goal here is to always return the results after the same or very close amount of time.

About

These are three PowerShell scripts that demonstrate in a very basic manner what timing side-channel vulnerabilities are.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published