Workshops

Cryptanalysis workshop & Challenge (11th November @ 10:30 - 12:30)

Most cryptographic challenges are based on either implementation attacks (the key is somewhere in the working environment), mathematical attacks (finding weaknesses in the encryption algorithm) or on poor key management techniques (weak keys or weak key setup). In this workshop, we deal with a different approach based on a real case. A practical implementation of the Secret Sharing Protocol is presented in which a flaw enables to break the protocol far more efficiently than brute-force. The different steps are the following: - The Linux binaries are provided the day before the workshop. The aim is to play the reverse engineering part for anyone interested. A first prize will be awarded to the first attendee which provide the corresponding source code (assembly or C code) - At the beginning of the workshop the original source code is provided to the audience. The protocol and the code is explained in details (30' long) The attendees have 20' minutes to identify the flaw. A second award is given to the first attendee who identifies the flaw. - Data for the cryptanalysis challenge are given - The audience tries to find how to exploit the flaw and solve the challenge. A third award is given to the first attendee who solve the challenge or provide significant and convincing method to. (30') - The solution is given and presented (20') and a discussion takes part with the audience on the difference between flaws and backdoors Awards could be given either during the session of during the BSides Closing ceremony. The awards are provided by the speaker.