crypto101 / exercises Goto Github PK

Demonstrate why doing a byte-by-byte comparison of two values which terminates as soon as the two differentiate is vulnerable to timing attacks.

return "digest_abc" == "digest_xyz"

So, basically, prove that per-user salts and using HMAC instead of whatever still doesn't fix anything.

Example text:

A company's intranet login (accessible at hmac-password-store-intranet) was recently compromised with a SQL injection attack. They have fixed the issue since then, but the breach resulted in a complete user table dump. You can access it at hmac-password-store-csv-dump.

Fortunately, they didn't store the passwords in plaintext. It even appeared to tick all the right boxes.

• they used a cryptographically secure hash function (SHA-256).
• they used a per-user salt.
• they used HMAC to mix the salt with the password (with the salt as the key).

Log in as the admin user.

Here's an example exercise text:

There's a guest list for a cool party that you really want to get in to. The party has a guest list on a website. You can access it as guest-list. The website shows the current guest list, and lets you upload a new one. The guest list is a newline-separated list of people.

The party organizers only want people who know the secret password to be able to update the list. Because one of them is very smart, they didn't want to just make you submit the password, where anyone could intercept it. Instead, you have to produce a signature like so:

signature = sha256(password + guest_list)

Add the e-mail address you used to register to the end of the list.

Right now it does string based checking which is kinda lame.