• Stars
    star
    180
  • Rank 213,097 (Top 5 %)
  • Language
    Ruby
  • Created over 9 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Side-Channel Attacks on Everyday Applications

This repository contains the source code and experiment data accompanying Taylor Hornby's talk at Black Hat 2016 titled "Side-Channel Attacks on Everyday Applications."

  • blackhat: Black Hat talk stuff, like my CFP submission and talk slides.
  • cpsc502: Assignments for my undergraduate research project at the University of Calgary.
  • experiments: Experiment implementations and all saved experiment run data.
  • flush-reload: Attack tools, including:
    • flush-reload/original-from-authors: The original authors' implementaiton of Flush+Reload.
    • flush-reload/myversion: My rewrite of the Flush+Reload attack tool.
      • flush-reload/myversion/ruby: The high-level attack tools.
      • flush-reload/myversion/automation: Automated probe-finding tools.
    • flush-reload/cachebench: A tool for timing the difference between cached and non-cached memory accesses.
    • flush-reload/rdtsc-consistency: A tool to check if the RDTSC timestamp behaves monotonically.
  • paper: The LaTeX source code to the accompanying paper.
  • source: Source files, e.g. the PDF files for the libpoppler input distinguishing attack.

Getting Started

For step-by-step instructions to perform an attack on your own system, see the Getting Started Guide.

Contributing

This most recent version of this code lives on GitHub. Pull requests are welcome, although I have very limited time to review and merge them. Please fork this project if I'm inhibiting your progress!

Acknowledgements

The code directly inside the flush-reload folder was provided by Yuval Yarom, one of the authors of FLUSH+RELOAD: a High Resolution, Low Noise, L3 Cache Side-Channel Attack. The code inside flush-reload/myversion is a complete re-write, based on the original code.

I would like to thank Prof. John Aycock at the University of Calgary for serving as my advisor when I was working on this project for my undergrad thesis. Our discussions helped carry the project to the results included here. He also contributed edits and improvements to an earlier version of the paper.

Contact

Taylor's contact information is available on his website.

More Repositories

1

php-encryption

Simple Encryption in PHP.
PHP
3,784
star
2

swatd

Run a script when one or more sensors fail.
C
869
star
3

password-hashing

Password hashing code.
PHP
856
star
4

crackstation-hashdb

CrackStation.net's Lookup Table Implementation.
PHP
365
star
5

sockstress

Sockstress (TCP DoS) implementation.
C
205
star
6

crackstation

Source code for my crackstation.net website.
Hack
132
star
7

passgen

A password generator.
C++
78
star
8

defuse.ca

The source code to my defuse.ca website.
HTML
67
star
9

phpcount

A unique hit counter that respects users' privacy.
PHP
62
star
10

email-spoofing

Ruby script for spoofing SMTP emails.
Ruby
43
star
11

php-passgen

Generating passwords in PHP.
PHP
38
star
12

gas-obfuscation

Extremely simple but inefficient x86-64 assembly obfuscation.
Ruby
34
star
13

dnsfs

Host files with DNS
Ruby
32
star
14

yescrypt

Non-C Implementations of the yescrypt KDF.
C
29
star
15

helloworld-cms

A simple content display system in PHP.
PHP
27
star
16

DAWr

The start of a library for building a DAW and/or sound experiments in Rust
Rust
26
star
17

airgap

Design for an economical and simple air-gapped system.
25
star
18

WinPassGen

A Windows Password Generator.
C
24
star
19

pastebin

The defuse.ca pastebin.
PHP
23
star
20

phphashcrack

A PHP hash cracker.
PHP
22
star
21

encutil

Example of how to build a command-line file encryption utility with defuse/php-encryption.
PHP
20
star
22

synergy-crack

Synergy 1.4.12 cracking tool.
Ruby
17
star
23

cuda-md5

Old NVIDIA CUDA implementation of salted MD5 brute-force
C++
17
star
24

ictm

A user-first approach to threat modeling.
14
star
25

x86rc4

A tiny x86 implementation of RC4
Assembly
13
star
26

php-newsgroups

Newsgroup-style PHP forum.
PHP
12
star
27

elfplayer

Visualize an ELF's execution
JavaScript
10
star
28

backup-verify

Tool for verifying backups and comparing directories.
Ruby
9
star
29

passgenr

A library for generating cryptographically-secure passwords in Rust.
Rust
8
star
30

canvas

Practice HTML5 Canvas.
JavaScript
6
star
31

textractor

Extract strings from files to make wordlists.
C#
6
star
32

vim

My GVim Configuration
Vim Script
6
star
33

image-passwords

HTML5 Canvas: Generating keys from memorable image sequences.
JavaScript
5
star
34

truecrypt-archive

Archive of all TrueCrypt 7.1a files
Standard ML
4
star
35

defuse_failover

(Old) How I used to do implement failover for defuse.ca.
Shell
4
star
36

gnutls-psk

Example TLS PSK client/server.
C
4
star
37

gadgetrie

A simple gadget finder for Return Oriented Programming
C
4
star
38

js-encryption

SJCL (JavaScript) encryption example.
JavaScript
3
star
39

vst_plugin

Example VST2 plugin in Rust.
Rust
2
star
40

eotp

https://defuse.ca/eotp.htm
Java
2
star
41

nova-extractor

WIP implementation of the extractor in Nova's security proof
Rust
2
star
42

passwordtrainer

A script for memorizing/practicing passwords.
Ruby
2
star
43

php-login

A (half-finished) PHP login system.
PHP
2
star
44

stemviz

JavaScript
2
star
45

https-mockups

Negative feedback for insecure web connections.
2
star
46

afl-demo

C
2
star
47

vimhl

Syntax highlighting in PHP with Vim.
PHP
2
star
48

sudoku-solver

A simple sudoku solver in Ruby
Ruby
2
star
49

pfs-experiments

Testing perfect forward secrecy in the short term.
Ruby
1
star
50

tix

A command-line ticket system in Ruby.
Ruby
1
star
51

bqp

Source code for my bqp.io website.
HTML
1
star
52

juggler-pow

A memory-but-not-time asymmetric proof-of-work function.
C
1
star
53

hypothetico-web

Hypothetico e-zine website
PHP
1
star
54

popularaccess

popularaccess.org
1
star
55

upload

File transfer upload script.
Shell
1
star
56

wavetool

A tool for processing/analyzing Serum wavetables.
Rust
1
star
57

nsa-letter

A letter to Canadian MPs about the NSA
1
star
58

qcircuitgen

Easily draw quantum circuits for LaTeX's picture environment
Ruby
1
star
59

codefiles

A Ruby on Rails blog.
Ruby
1
star