AuthorTaylor Hornby

Sorry, we’re late! Last year’s entries are coming!

We’ve taken too long to publish all of last year’s entries. We wanted to give each non-winning entry its own blog post, since they can all teach us a useful lesson, but I (Taylor) promised to write those blog posts and took far too long. Sorry everyone! Those posts are finished now and we’ll be posting one per week. Here’s the first one: AverageSecurityGuy’s Entry...

Sc00bz’s 2017 Entries: Circumventing Slow Password Storage, and Targeted Backdoor Delivery

Sc00bz sent in two entries to the 2017 Underhanded Crypto Contest. First Entry Sc00bz’s first entry (inspired by one of Adam Caudill’s tweets) is a password storage library that appears to use bcrypt, a slow password hashing function. However, instead of generating the salt randomly, it uses a hash of the user ID and password: // Generate salt $salt = substr(hash_hmac('sha256'...

Joseph Birr-Pixton’s 2017 Entry: Poor API Design in OpenSSL

Joseph Birr-Pixton‘s entry to the 2017 Underhanded Crypto Contest is the EVP_VerifyFinal API call that actually exists in OpenSSL. This isn’t to suggest someone intentionally backdoored OpenSSL, but this API call has really poor usability, as Joesph explains: The design of EVP_VerifyFinal OpenSSL’s EVP_VerifyFinal function has a poor choice of return value semantics, which means...

EllaRose’s 2017 Entry: Remote Code Execution with Python’s Pickle

Ella Rose‘s entry to the 2017 Underhanded Crypto Contest is an AEAD (authenticated encryption with associated data) encryption library written in Python. The crypto code itself is fine and bug-free, but the ciphertext is built using Python’s pickle format. Decoding untrusted pickles is well-known to enable remote-code-execution attacks. So, even though the logical ciphertext itself is...

AverageSecurityGuy’s 2017 Entry: A PRNG that Zeroes its Seed

AverageSecurityGuy‘s entry to the 2017 Underhanded Crypto Contest is a pseudorandom number generator that zeroes out its own seed. The code generates two actually-random seeds for the generator and then “shuffles” them as follows, where “xor_byte_arrays” is a function that XORs two byte arrays together and returns the result in a new array: /* Shuffle the keys with...

Recent Posts

Categories