def server_switch(client_sock): global SALT, v, EMAIL client_msg = (net_utils.receive_msg(client_sock)).decode("utf-8") if ":" in client_msg: switch_val, actual_msg = client_msg.split(":") else: switch_val = client_msg if switch_val == "CREATE_PASSWORD" and len(EMAIL) == 0: EMAIL, password = actual_msg.split(',') EMAIL = EMAIL.lstrip('(') password = password.rstrip(')') SALT, v = create_password(password) print("Successfully created user password {}".format(EMAIL)) net_utils.send_msg("SUCCESS", client_sock) elif switch_val == "AUTH_ATTEMPT" and len(EMAIL) != 0: net_utils.send_msg("CONTINUE", client_sock) auth_outcome = CP36.server_srp(client_sock, EMAIL, SALT, v) if auth_outcome: net_utils.send_msg("SUCCESS", client_sock) else: net_utils.send_msg("FAILED", client_sock) else: net_utils.send_msg("FAILED", client_sock)
def client(): client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client_sock.connect((HOST, PROTOCOL)) # generate a needed for diffie hellman a = secrets.randbelow(MODPGROUP["1536"]) g_with_a = GroupOp.mod_exp(GENERATOR, a, MODPGROUP["1536"]) if not net_utils.send_msg("({},{})".format(g_with_a, EMAIL), client_sock): raise ValueError("Failed to send message") message_received = net_utils.receive_msg(client_sock) msg_ints = literal_eval(message_received.decode('utf-8')) salt = msg_ints[0] b_value = msg_ints[1] sha_pw_digest = sha256.SHA256() sha_pw_digest.Update( bytes("{}||{}".format(salt, PASSWORD), encoding='utf-8')) x_exp = sha_pw_digest.Sum() u_digest = sha256.SHA256() u_digest.Update(bytes("{}||{}".format(g_with_a, b_value), encoding='utf-8')) u = u_digest.Sum() v_value = GroupOp.mod_exp(GENERATOR, x_exp, MODPGROUP["1536"]) total = (b_value - (K * v_value)) % MODPGROUP["1536"] total = GroupOp.mod_exp(total, a + (x_exp * u), MODPGROUP["1536"]) key_digest = sha256.SHA256() key_digest.Update(bytes("{}".format(total), encoding='utf-8')) actual_key = (key_digest.Sum()).to_bytes(256 // 8, byteorder='big') verification_check = hmac_myimpl.SHA256_HMAC(actual_key, salt) if not net_utils.send_msg(verification_check, client_sock): raise ValueError("Could not send over pipe")
def mitm(client_sock): # client will send the value B**(a + ux) # I can't think of any possible way to get the a value completely out # of the calculation while only knowing G**a and not a # so setting u = 1 and B = generator, this will give G**a * G**x as the value the client # will be use as S for generating the key K in the HMAC computation. # Full attack: # for likely passwords pw, do the following, # calculate x = H(salt || pw) for known salt, calculate G**x and use client value G**a to # create potential S. take k = H(S) and compute HMAC(key, salt) and check this against client # output u = 1 B = CP36.GENERATOR salt = ("000").encode() # run interaction with client client_msg = (net_utils.receive_msg(client_sock)).decode("utf-8") if ":" in client_msg: switch_val, actual_msg = client_msg.split(":") else: switch_val = client_msg if switch_val == "AUTH_ATTEMPT": client_share, email = actual_msg.split(',') client_share = int(client_share.lstrip('(')) email = email.rstrip(')') server_msg = "({},{},{})".format(salt, B, u) if not net_utils.send_msg(server_msg, client_sock): raise ValueError("Failed writing to pipe") client_hmac_val = net_utils.receive_msg(client_sock) net_utils.send_msg("FAILED", client_sock) print("Beginning dictionary attack... ") res = offline_attack(client_share, salt, client_hmac_val, PASSWORD_DICT) if res: print("Found password used by victim: {}".format(res)) else: print("Was unable to find password") else: send_msg("FAILED", client_sock) return return
def simple_srp(email, client_share, client_sock): # try and receive msg from pipe b = secrets.randbelow(CP36.MODPGROUP["1536"]) salt, v = server_user_list[email] g_with_b = GroupOp.mod_exp(CP36.GENERATOR, b, CP36.MODPGROUP["1536"]) u = secrets.randbelow(2**128) server_msg = "({},{},{})".format(salt, g_with_b, u) if not net_utils.send_msg(server_msg, client_sock): raise ValueError("Failed writing to pipe") client_hmac_val = net_utils.receive_msg(client_sock) total = GroupOp.mod_exp(v,u, CP36.MODPGROUP["1536"]) total = (total * client_share) % CP36.MODPGROUP["1536"] total = GroupOp.mod_exp(total, b, CP36.MODPGROUP["1536"]) key_digest = sha256.SHA256() key_digest.Update(bytes("{}".format(total), encoding='utf-8')) actual_key = (key_digest.Sum()).to_bytes(256 // 8,byteorder='big') check_against = hmac_myimpl.SHA256_HMAC(actual_key, salt) # this comparison is very insecure if client_hmac_val == check_against: return True else: return False return
def client(email, password, new_user=False): client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client_sock.connect((HOST,PROTOCOL)) if new_user: msg = "CREATE_PASSWORD:({},{})".format(email, password) if not net_utils.send_msg(msg, client_sock): raise ValueError("Failed to send message") # wait to receive a SUCCESSFUL from the server server_reply = (net_utils.receive_msg(client_sock)).decode('utf-8') if server_reply != "SUCCESS": raise ValueError("Could not create account") else: print("Successfully created account") else: # generate a needed for diffie hellman a = secrets.randbelow(CP36.MODPGROUP["1536"]) g_with_a = GroupOp.mod_exp(CP36.GENERATOR, a, CP36.MODPGROUP["1536"]) if not net_utils.send_msg("AUTH_ATTEMPT:({},{})".format(g_with_a, email),client_sock): raise ValueError("Failed to send message") message_received = net_utils.receive_msg(client_sock) msg_ints = literal_eval(message_received.decode('utf-8')) salt = msg_ints[0] b_value = msg_ints[1] u = msg_ints[2] sha_pw_digest = sha256.SHA256() sha_pw_digest.Update(bytes("{}||{}".format(salt, password), encoding='utf-8')) x_exp = sha_pw_digest.Sum() total = GroupOp.mod_exp(b_value, a + (x_exp * u), CP36.MODPGROUP["1536"]) key_digest = sha256.SHA256() key_digest.Update(bytes("{}".format(total), encoding='utf-8')) actual_key = (key_digest.Sum()).to_bytes(256 // 8,byteorder='big') verification_check = hmac_myimpl.SHA256_HMAC(actual_key, salt) if not net_utils.send_msg(verification_check, client_sock): raise ValueError("Could not send over pipe") msg = (net_utils.receive_msg(client_sock)).decode('utf-8') print("Server says {}".format(msg)) print("Finishing client thread") return
def client(email, password): client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client_sock.connect((HOST, PROTOCOL)) msg = "CREATE_PASSWORD:({},{})".format(email, password) if not net_utils.send_msg(msg, client_sock): raise ValueError("Failed to send message") # wait to receive a SUCCESSFUL from the server server_reply = (net_utils.receive_msg(client_sock)).decode('utf-8') if server_reply != "SUCCESS": raise ValueError("Could not create account") return
def attacker(): print("Attacker trying to authenticate") email = input("Please enter the user you would like to authenticate as...") # generate a needed for diffie hellman share = input( "Input client share (i.e. g**a) as numerical value or [number]G\n") changed_val = False if "G" in share: g_with_a = CP36.MODPGROUP["1536"] * int(share[:share.index("G")]) changed_val = True else: g_with_a = int(share) second_client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) second_client_sock.connect((HOST, PROTOCOL)) if not net_utils.send_msg("AUTH_ATTEMPT", second_client_sock): raise ValueError("Failed to send message") saw_okay = (net_utils.receive_msg(second_client_sock)).decode('utf-8') if saw_okay != "CONTINUE": raise ValueError("Server Error") if not net_utils.send_msg("({},{})".format(g_with_a, email), second_client_sock): raise ValueError("Failed to send message") message_received = net_utils.receive_msg(second_client_sock) msg_ints = literal_eval(message_received.decode('utf-8')) salt = msg_ints[0] total = int(input("Please give integer input (i.e. S): ")) key_digest = sha256.SHA256() key_digest.Update(bytes("{}".format(total), encoding='utf-8')) actual_key = (key_digest.Sum()).to_bytes(256 // 8, byteorder='big') verification_check = hmac_myimpl.SHA256_HMAC(actual_key, salt) if not net_utils.send_msg(verification_check, second_client_sock): raise ValueError("Could not send over pipe") response = (net_utils.receive_msg(second_client_sock)).decode('utf-8') print("Finishing client thread, received from server {}".format(response))
def server_srp(client_sock, email_held, salt, v_held): # try and receive msg from pipe b = secrets.randbelow(MODPGROUP["1536"]) client_msg = (net_utils.receive_msg(client_sock)).decode('utf-8') args = client_msg.split(",") email = args[1][:-1] client_key_share = int(args[0][1:]) if email == email_held: g_with_b = GroupOp.mod_exp(GENERATOR, b, MODPGROUP["1536"]) maskedv = (K * v_held + g_with_b) % MODPGROUP["1536"] server_msg = "({},{})".format(salt, maskedv) else: print("Server received wrong email identifier") server_msg = "ERROR" if not net_utils.send_msg(server_msg, client_sock): raise ValueError("Failed writing to pipe") client_hmac_val = net_utils.receive_msg(client_sock) #compute local u_hash = sha256.SHA256() u_hash.Update( bytes("{}||{}".format(client_key_share, maskedv), encoding='utf-8')) u = u_hash.Sum() total = GroupOp.mod_exp(v_held, u, MODPGROUP["1536"]) total = (total * client_key_share) % MODPGROUP["1536"] total = GroupOp.mod_exp(total, b, MODPGROUP["1536"]) key_digest = sha256.SHA256() key_digest.Update(bytes("{}".format(total), encoding='utf-8')) actual_key = (key_digest.Sum()).to_bytes(256 // 8, byteorder='big') check_against = hmac_myimpl.SHA256_HMAC(actual_key, salt) # this comparison is very insecure if client_hmac_val == check_against: print("{} client succesfully authenticated".format(email_held)) return True else: return False
def server_wrapper(client_sock): client_msg = (net_utils.receive_msg(client_sock)).decode("utf-8") if ":" in client_msg: switch_val, actual_msg = client_msg.split(":") else: switch_val = client_msg if switch_val == "CREATE_PASSWORD": email, passw = actual_msg.split(',') email = email.lstrip('(') passw = passw.rstrip(')') if email in server_user_list: net_utils.send_msg("FAILED", client_sock) else: salt, v = CP37.create_password(passw) server_user_list[email] = (salt, v) net_utils.send_msg("SUCCESS", client_sock) elif switch_val == "AUTH_ATTEMPT": client_share, email = actual_msg.split(',') client_share = int(client_share.lstrip('(')) email = email.rstrip(')') if email in server_user_list: auth_outcome = simple_srp(email, client_share, client_sock) if auth_outcome: net_utils.send_msg("SUCCESS", client_sock) else: net_utils.send_msg("FAILED", client_sock) else: net_utils.send_msg("FAILED", client_sock) else: net_utils.send_msg("FAILED", client_sock) return