Before we get into the details of the winning entries, we’d like to thank our fantastic team of judges:
- Jean-Philippe Aumasson
- Frank Denis
- 0xabad1dea (Melissa Elliott)
- Daira Hopwood
- Juliano Rizzo
- Tomás Touceda
- Justin Troutman
- Florian Mendel
Without the hours they spent pouring over submissions, testing, debating, and reviewing every detail, this would never have been possible.
John Meacham – tinyaesctr
tinyaesctr – A portable, minimal rfc3686 compliant implementation of AES encryption in CTR mode.
This implementation is specifically designed for resource constrained devices, It makes use of static memory buffers and minimal use of pointers to better fit the CPUs used in embedded systems.
Download (make sure you look at
exploit/README.txt for all the details)
Gaëtan Leurent – Backdoored Implementation of Stern’s Zero-Knowledge Identification Protocol
Stern described a code-based zero-knowledge identification scheme in 1993, which became the basis of several improved variants. It is quite attractive because it is provably secure, but only uses simple operations (matrix multiplications and bit permutations).
In this work, we add a backdoor to a proof-of-concept implementation from Cayrel et al., with a subtle implementation flaw. The new version still accepts all legitimate provers, and reject almost all illegitimate ones. However, an adversary knowing that the flaw is present can fool the authentication. A similar backdoor can be planted in virtually any implementation of the scheme, and in most later variants.
We will be publishing the remaining entries soon.
The winners will be getting their pick of prizes, provided by our sponsors: