Eurocrats prep white-box crypto capture-the-flag
ECRYPT WhibOx Challenge opens May 15
Defender or attacker, you have less than a fortnight until the WhibOx Challenge opens: a capture-the-flag (CTF) competition run by the EU-supported ECRYPT.
If you're on the defensive side, the CTF asks for white-box implementations of AES-128 (under keys of your own choosing), to see how long they survive attack.
The challenge for attackers is simple: extract the hard-coded encryption key. Attackers can compete either anonymously or under their own names. Designers, for their part, aren't asked to disclose their techniques, merely to submit the resulting C code.
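To make the two roles concrete, here is a miniature of the setup in Python, added to this article rather than taken from the challenge's own code or any entrant's design. It builds the AES S-box from its definition, merges the first round's AddRoundKey and SubBytes into 16 key-dependent lookup tables (the "T-boxes" of table-based white-box AES in the style of Chow et al.), and then plays attacker: against bare tables one inverse S-box lookup per table reads the key straight back out, which is why real designs wrap every table in secret bijective encodings. The demo key, block and the seeded encodings are constructed for the example.

```python
# Added illustration (not WhibOx code): the first AES round's AddRoundKey +
# SubBytes merged into 16 key-dependent lookup tables ("T-boxes"), the basic
# building block of table-based white-box AES. The designer ships the tables
# instead of the key; the attacker's job is to get the key back out of them.
import random

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) modulo the AES polynomial."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return p


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (maps 0 to 0, as AES requires)."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def _rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def build_sbox() -> list[int]:
    """AES S-box from its definition: inverse in GF(2^8), then the affine map."""
    sbox = []
    for x in range(256):
        v = gf_inv(x)
        sbox.append(v ^ _rotl8(v, 1) ^ _rotl8(v, 2) ^ _rotl8(v, 3) ^ _rotl8(v, 4) ^ 0x63)
    return sbox


SBOX = build_sbox()
SBOX_INV = [0] * 256
for _x, _s in enumerate(SBOX):
    SBOX_INV[_s] = _x


def make_tboxes(key: bytes) -> list[list[int]]:
    """Designer side: T_i[x] = S[x ^ k_i] for each of the 16 key bytes.
    These 16 x 256 entries replace the key in the shipped implementation."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    return [[SBOX[x ^ k] for x in range(256)] for k in key]


def wb_round1_sub(tboxes: list[list[int]], block: bytes) -> bytes:
    """Table-driven AddRoundKey + SubBytes: no key byte appears anywhere."""
    return bytes(t[b] for t, b in zip(tboxes, block))


def ref_round1_sub(key: bytes, block: bytes) -> bytes:
    """Reference computation with the key in hand, for comparison."""
    return bytes(SBOX[b ^ k] for b, k in zip(block, key))


def extract_key(tboxes: list[list[int]]) -> bytes:
    """Attacker side against unencoded tables: T_i[0] = S[k_i], so one inverse
    S-box lookup per table recovers the key byte."""
    return bytes(SBOX_INV[t[0]] for t in tboxes)


def encode_tboxes(tboxes: list[list[int]], seed: int) -> list[list[int]]:
    """Apply a random output bijection g_i to each table (the Chow-style
    countermeasure in its simplest form). In a full design the next table
    absorbs g_i^-1 on its input so the composition still computes AES.
    A fixed seed is used only so the demo is reproducible."""
    rng = random.Random(seed)
    out = []
    for t in tboxes:
        g = list(range(256))
        rng.shuffle(g)
        out.append([g[v] for v in t])
    return out


if __name__ == "__main__":
    key = bytes(range(16))        # constructed demo key
    block = bytes([0x11] * 16)    # constructed demo block
    tb = make_tboxes(key)
    assert wb_round1_sub(tb, block) == ref_round1_sub(key, block)
    print("recovered from bare tables:   ", extract_key(tb).hex())
    print("recovered from encoded tables:", extract_key(encode_tboxes(tb, 7)).hex())
```

Encodings stop the naive read-off, but not the field's known attacks: the BGE algebraic attack and differential computation analysis both recover keys from Chow-style white-box AES, which is precisely why the challenge asks for designs that keep their secrets longer than that.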
ECRYPT explains that it has observed increasing use of white-box crypto in DRM and mobile applications, built from in-house designs whose security relies on keeping their techniques secret “rather than to rely on academic designs”.
Submitted implementations are scored simply on how long they survive unbroken (measured in “strawberry points”, apparently for no better reason than to call attackers' scores “banana points”).
Attackers inherit those strawberry points at the point they crack the system, so a system that lasts longer is a better prize; there's a max rule that limits the number of points attackers can accumulate*.
The submission server opens on May 15. After that, the key dates are:
- August 31 2017: submission deadline (attacks continue after this date);
- September 24 2017: final deadline, at which point scores are frozen;
- Winners will be announced at the CHES 2017 conference's “rump session” (the conference is in Taipei in September).
CryptoExperts wrote the submission server (code here), and during the competition it will be operated by the Technical University of Eindhoven. ®
Bootnote: Before commentards rain down “security by obscurity” and “don't roll your own encryption”: we agree. However, if such things are going to exist – and they are – a hackfest is probably as good a place as any in which to ventilate them. ®
Update: We've corrected this article to include the "max rule", rather than our original statement about accumulation of banana points by attackers. ®