CodeGate 2009's Challenge 18 - Diffie-Hellman parameter tampering case study
1 Introduction Last week I joined team CLGT to take part in the CodeGate 2009 organized by BeistLab. There's 21 challenges. This post is about challenge 18 which, IMHO, is one of the most interesting. You can download full report from CLGT here . There was only two teams could nail #18, and, unfortunately, we were not one of them. We were very close, just minutes away, from the final solution, but could not manage to solve it before the contest ended. Anyway, we're writing this writeup because we like it. This is a cryptography challenge. The objective is to decrypt the communication between a server and a client, which play a protocol involving RSA digital signature algorithm [1], Diffie-Hellman Key Protocol Agreement [2], and AES block cipher [3]. Section 2 describes the protocol and its setting in detail. Section 3 discusses some vulnerabilities of the protocol. Section 4 describes how we nail it. Section 5 discusses some ways to fix it. Section 6 concludes. 2 The Protoco...