[cryptography] Underhanded Crypto
jeanphilippe.aumasson at gmail.com
Wed Nov 26 12:56:31 EST 2014
Related: I recently gave a talk about crypto backdooring, at NoSuchCon
last week, slides are available at
On Wed, Nov 26, 2014 at 6:04 PM, ianG <iang at iang.org> wrote:
> The Underhanded Crypto contest was inspired by the famous Underhanded C
> Contest, which is a contest for producing C programs that look correct, yet
> are flawed in some subtle way that makes them behave inappropriately. This
> is a great model for demonstrating how hard code review is, and how easy it
> is to slip in a backdoor even when smart people are paying attention.
> We’d like to do the same for cryptography. We want to see if you can design
> a cryptosystem that looks secure to experts, yet is backdoored or vulnerable
> in a subtle barely-noticable way. Can you design an encrypted chat protocol
> that looks secure to everyone who reviews it, but in reality lets anyone who
> knows some fixed key decrypt the messages?
> We’re also interested in clever ways to weaken existing crypto programs. Can
> you make a change to the OpenSSL library that looks like you’re improving
> the random number generator, but actually breaks it and makes it produce
> predictable output?
> If either of those things sound interesting, then this is the contest for
> cryptography mailing list
> cryptography at randombit.net
More information about the cryptography