| Finger in the Middle Contest | |
| ================================= | |
| Players: | |
| Defender - Tries to send a fingerprint over an insecure channel and wins iff | |
| they (1) detect every attack, or (2) successfully transfer the | |
| fingerprint. | |
| Attacker - Tries to modify the fingerprint sent over the channel. | |
| Rules: | |
| 1. The Defender writes a program D. | |
| 2. The Attacker writes a program A (they are not given any information about D). | |
| 3. Two instances of D are run, passing messages through an instance of A. | |
| 4. All programs are shut down. | |
| 5. The Attacker is given a copy of the program D, and is allowed to modify A. | |
| 6. Modified-A is started. | |
| 7. The two instances of D are started up again, communicating through | |
| Modified-A. | |
| - They're allowed to state left over from the last time they were run, but | |
| - The Defender is not allowed to modify the program or that state. | |
| 7. A judge gives a secret message to one instance of D, and checks that the | |
| other instance of D successfully received it. | |
| 8. If the Attacker can recover the secret message within the next hour (or | |
| whatever), the Attacker wins. If not, the Defender wins. | |
| The order is important, since it: | |
| - Stops the Defender from hard-coding secret keys into D. | |
| - The Attacker will eventually get access to them. | |
| - Stops the Attacker from being able to use D itself to understand what | |
| D tries to do. | |
| - The Attacker doesn't know D until after they do the interception. | |
| Unfortunately, these rules don't work, because D could have a hard-coded HMAC | |
| key, and use that for integrity. Once the Attacker learns the HMAC key in step | |
| 5, it's already too late. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment