Underhanded Crypto Contest

For everyone playing around with Crypto there are certainly moments where the developed and implemented algorithm does just the opposite of what is expected; which leads to the code thrown off in some dark corner of the hard-disk. If this is same case with you, now is the good time to get all those codes that out because there is a new crypto competition!

Underhanded Crypto Contest

The Underhanded Crypto Contest is a competition to write or modify crypto code that appears to be secure, but actually does something evil. For example:

* A password hashing library that always accepts the password “monkey.”

* A MAC algorithm that can be broken if you know some fixed secret key.

* Something that leaks the key through a reliable side channel, padding, IV, etc.

* A user interface that makes it easy to accidentally spread your secrets all over the Internet.


Submission deadline is Dec 2, 2014, in accordance to the rules

Winners will be announced on Dec 30, 2014.


Cryptography Competitions

  1. Password Hashing Competition : 

    The Password Hashing Competition (PHC) is an effort organized to identify new password hashing schemes in order to improve on the state-of-the-art (PBKDF2, scrypt, etc.), and to encourage the use of strong password protection. Applications include for example authentication to web services, PIN authentication on mobile devices, or key derivation for full disk encryption.

    Motivations behind the PHC include:
    The poor state of passwords protection in web services: passwords are too often either stored in clear (these are the services that send you your password by email after hitting “I forgot my password”), or just hashed with a cryptographic hash function (like MD5 or SHA-1), which exposes users’ passwords to efficient brute force cracking methods.
    The low variety of methods available: the only standardized construction is PBKDF2 (PKCS#5, NIST SP 800-132), and there are mainly just two alternatives: bcrypt and scrypt.
    A number of new ideas discussed within the security and cryptography communities, but which have not yet led to a concrete proposal.


  2. CryptoChallenge :  The ultimate code-breaking test. It will take all your savvy and experience to crack the cipher. The code will be available soon; and first prize is an Apple iPad 16Gb. So pre-register now. Good luck!