Go to the `a1` directory and run `make` to compile.
By default, the server runs at 127.0.0.1 on port 17777, and the client connects to it.
./server.out <p_bits>
`p_bits`: optional, the length of P in bits, e.g. `12`, default `8`
./client.out
server.cpp:
This file contains the server code.
- Listen to port 17777.
- Accept the client.
- Generate random 128-bit R and P of length `p_bits`.
- Transmit the hex-encoded challenge to the client.
- Wait for the response. Close the connection if it takes too long.
- Verify the response from the client.
- Transmit `welcome` if the response is valid. Otherwise, close the connection.
client.cpp:
This file contains the client code.
- Connect to server at 127.0.0.1 on port 17777.
- Get challenge.
- Do proof of work.
- Give up if it takes too long.
- Transmit answer to the server.
- Wait for the response.
- Close the connection.
custom_utils.h:
This file contains shared helper functions.
The processing time varies, especially when `p_bits` is large, such as `16`.
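The challenge-response exchange above, sketched as an added example (not the repository's `server.cpp` or `client.cpp`). It assumes the puzzle is to find a nonce for which the top `p_bits` bits of H(R || nonce) equal P, which this README does not specify; `Challenge`, `toy_hash`, `verify` and `solve` are hypothetical names, and `toy_hash` is a non-cryptographic stand-in for a real hash.

```cpp
// Added example, not the repository's code. Assumed puzzle: find a nonce such
// that the top p_bits bits of H(R || nonce) equal P.
#include <array>
#include <cstdint>
#include <cstdio>

using Challenge = std::array<uint8_t, 16>;  // the 128-bit random R

// Stand-in 64-bit hash (FNV-1a plus a MurmurHash3-style finalizer) so the
// block compiles without a crypto library. NOT cryptographic: use SHA-256 or
// similar in a real deployment.
uint64_t toy_hash(const Challenge& r, uint64_t nonce) {
    uint64_t h = 0xcbf29ce484222325ULL;
    auto mix = [&h](uint8_t b) { h = (h ^ b) * 0x100000001b3ULL; };
    for (uint8_t b : r) mix(b);
    for (int i = 0; i < 8; ++i) mix(static_cast<uint8_t>(nonce >> (8 * i)));
    h ^= h >> 33; h *= 0xff51afd7ed558ccdULL;
    h ^= h >> 33; h *= 0xc4ceb9fe1a85ec53ULL;
    return h ^ (h >> 33);
}

// Server side: one hash, so verification is cheap however long the search took.
bool verify(const Challenge& r, uint64_t p, unsigned p_bits, uint64_t nonce) {
    if (p_bits == 0) return true;    // empty pattern: any nonce matches
    if (p_bits > 64) return false;   // pattern longer than the hash output
    return (toy_hash(r, nonce) >> (64 - p_bits)) == p;
}

// Client side: brute-force search that gives up after max_attempts hashes.
// Each attempt succeeds with probability 2^-p_bits, so the attempt count is
// geometrically distributed with mean 2^p_bits; hence the varying run time.
bool solve(const Challenge& r, uint64_t p, unsigned p_bits,
           uint64_t max_attempts, uint64_t& nonce_out) {
    for (uint64_t nonce = 0; nonce < max_attempts; ++nonce)
        if (verify(r, p, p_bits, nonce)) { nonce_out = nonce; return true; }
    return false;                    // client gives up
}

int main() {
    Challenge r{};                   // constructed sample R
    for (size_t i = 0; i < r.size(); ++i) r[i] = static_cast<uint8_t>(17 * i + 3);
    for (unsigned bits : {8u, 12u, 16u}) {
        uint64_t p = (1ULL << bits) - 1;  // constructed sample P (all ones)
        uint64_t n = 0;
        bool ok = solve(r, p, bits, 1ULL << 24, n);
        std::printf("p_bits=%u attempts=%llu\n", bits,
                    ok ? static_cast<unsigned long long>(n + 1) : 0ULL);
    }
}
```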
./timing_attack.out <username> <number_of_trials> <password>
`username`: the username, e.g. `user1`, default `y396zhao`
`number_of_trials`: optional, the number of trials for each letter, default `15000`
`password`: optional, the prefix of the password, should be empty at the beginning
./timing_attack.out user1
./timing_attack.out user1 15000 f
./timing_attack.out user1 15000 fi
1. Connect to the server at 127.0.0.1 on port 10458.
2. Transmit the username.
3. Wait for 100000us.
4. Transmit the current password if it is not empty. Return if the password is correct.
5. Iterate a large number of times for each letter to get statistics.
6. Find the next letter using 95% confidence intervals.
7. If the chosen letter's interval overlaps that of any other letter, stop and report. Otherwise, append the chosen letter to the password.
8. Go back to step 4.

Since 95% confidence intervals are used to determine the letter, there is uncertainty, especially when cracking the last letter of the password.
Collaborated with Liang-Hsuan Ma (`l63ma`).