lukas/typst-template
Template
1
0
Fork 0
Code Pull Requests Activity

add pseudocode

Browse Source
This commit is contained in:
Lukas Heiligenbrunner
2024-10-22 13:12:10 +02:00
parent ee745f3491
commit 6529bf97b3
2 changed files with 39 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
main.pdf
View File

Binary file not shown.

41
main.typ
View File

@@ -1,4 +1,6 @@
#import "@preview/ichigo:0.1.0": config, prob
#import "@preview/algorithmic:0.1.0"
#import algorithmic: algorithm
#show: config.with(
course-name: "SMART CARDS & NFC",
@@ -20,9 +22,16 @@
][
- The PiN_TRY_COUNTER is prone to turn off attacks.
Each time the chip resets the ram value of the counter is cleared and one gets basically infinite retries.
todo solution
Solution:
- Store counter in non-volatile memory eg. EEPROM, flash, eMMC.
- Store counter in a secure server backend.
- Depending on the implementation of the comparison operation, it might leak side-channel information.
For example, if the comparison is done byte-wise, the attacker can determine the correct byte by comparing the time it takes to compare the bytes.
Solution:
- Implement a constant time comparison operation.
]
#prob[
@@ -33,5 +42,33 @@
],
)
][
todo solution
- The comparison of the entered pin and the reference pin is array entry wise.
If a entry doesn't match the comparison is short-handed and the function returns no match.
This is prone to a timing side-channel attack. If a pin digit matches the comparison takes longer than if it doesn't.
Solution:
- Implement a constant time comparison operation. (no comparison shorthand)
For example:
#algorithm({
import algorithmic: *
Function("Constant-Time-Compare", args: ("PIN", "Ref_PIN"), {
Cmt[Check if lengths are equal]
If(cond: $"length" ("PIN") != "length"("Ref_PIN")$, {
Return[false]
})
State[]
Cmt[Initialize result variable to 0]
Assign[$"result"$][$0$]
State[]
Cmt[Loop through each character in PIN and Ref_PIN]
For(cond: [$i=0$; $i < "length"("PIN") - 1$], {
Cmt[XOR corresponding characters and accumulate result]
Assign[$"result"$][$"result" or ("PIN"[i] xor "Ref_PIN"[i])$]
})
State[]
Cmt[Return true if result is 0, else false]
Return[$"result" == 0$]
})
})
]