# Lecture 3: Password Attack with Difference Analysis - Introduction

In this example we want to improve the basic passwdcheck to be resistant against the attack from the last tutorial.

## Improving the code

Let's first recap the password checking loop from the basic passwdcheck:
```c
for(uint8_t i = 0; i < sizeof(stored_password); i++)
{
    if (stored_password[i] != passwd[i])
    {
        password_correct = 0;
        break;
    }
}
```

The timing attack discussed in the last example worked because the loop's runtime varies with the number of correct characters. Once the first wrong character occurs the loop breaks.
This is, what we want to change:

```c
for(uint8_t i = 0; i < sizeof(stored_password); i++)
{
    if (stored_password[i] != passwd[i])
    {
        password_correct = 0;
    }
}
```

This is an excerpt from `3_password_fixed.c`. It is clear that the loop does not break after the first wrong character and always all characters of the password are checked.

<div style="background: #f0ffe0; padding: 15px; border: 1px solid slategray;">
<div class="h2" style="font-variant: small-caps;">Exercise 1</div>
    
Check that the attack from `2. Password Timing Analysis Attack.ipynb` does not work anymore.

</div>

## Develop a new idea

In [None]:
import securec
from securec import util
scope, target = util.init()

In [None]:
securec.util.compile_and_flash('./3_password_fixed.c')

In [None]:
import struct
import time
import warnings
    
scope.default_setup()
scope.adc.samples = 1000

def capture(attempt):
    scope.arm()
    target.simpleserial_write('p', attempt.encode() + b'\x00' * (10 - len(attempt)))
    result = target.simpleserial_read('p', 1)
    return util.capture(), not bool(result[0])

<div style="background: #f0ffe0; padding: 15px; border: 1px solid slategray;">
<div class="h2" style="font-variant: small-caps;">Exercise 2</div>
    
1. Capture a few different traces. Each one with only one but different input character.
2. Compare them and try to modify the SAD idea. Hint: replace `sum` by something else...
 
</div>

In [None]:
util.exit()