I’m in
Let me be more specific: I'm willing to prepare two artisanally-crafted crypto challenges for the low price of $10,000 (each) donated to the Great Slate. That's $20k total. secure.actblue.com/donate/great_s…
These problems will focus on some joint work I did with @FiloSottile: events.ccc.de/congress/2017/…. It's a really cool (in my opinion) exploit of a carry bug in Golang's P256 implementation.
The first problem will be a simplified version of the attack: we'll implement a buggy ECC scalar multiplication routine, fuzz it offline, and send crafted queries to recover the private key from a static ECDH server.
The second problem will add in all the bells and whistles from the real implementation and attack: windowed multiplication, booth encoding, an improved method for finding the first limb, and finishing the key recovery with Pollard's kangaroo.
And when you do donate, tweet me a screenshot of your receipt!
$9k to go for the first problem thanks to a very generous donation by @reaperhulk!
$8.75k to go for the first problem! Thanks @astrange_e!
$7.75k to go! Thanks @paulsmith!
Wow! Incredible generosity from @dguido! The first problem is fully paid for! Now let’s get another $10k to unlock the second one!
Another generous donation, this time from @analogist_net! Thanks! $9880 left to commission the second challenge!
After another generous donation from @irons we’re down to uhhh $6683.01 to go on the second problem? I think.
$792 from @EthanIsMumbling brings us to $5891.01 left! Thanks Ethan!
$75 from @jpterracina! Thanks! $5816.01 left for the second challenge!
I'm reviving this thread with a SPECIAL OFFER! Donate to Greg Edwards NOW to unlock this second crypto challenge. We were sitting at around $5800 when we left off, but let's round down and call it an even $5000.
All donations to the Great Slate are appreciated, but only donations to Greg Edwards can unlock this challenge!
For those just joining us: the first challenge (already unlocked, writing it now) is a simple exploit of a software fault in an ECDH implementation.
The second challenge is the real-world version of the attack based on an ACTUAL bug in Golang's P-256 implementation! Joint work with @FiloSottile, who explains it here: media.ccc.de/v/34c3-9021-sq…
This one has all the bells and whistles: windowed multiplication, Booth encoding, a fun method for finding the first limb, and finishing the attack with Pollard's kangaroo!
Act now! The second challenge can ONLY be unlocked by your donations to Greg Edwards! Once again, $5000 is the number we need to hit!
