Okay, so today is the deadline to get stuff for inclusion on the conference CD's and so since the long-suffering Nikita has been very patient with me I don't want to be late.
As discussed, what constitutes 0wnage will be compromising a defender system and getting hold of a large unique, per-systemOne Time Pad? Key? Hash? which will decrypt a ciphertext included on the conference CD.
So, my problem is this:
Originally I intended to use a bonafide one time pad but the problem I have is that I want it to be something that an attacker who obtains the key can decrypt with tools on hand. There are lots of tools available for generating and using OTP's, but with I-net connections being unpredictable, I want something readily at hand for folks.
So, rather than a "true" OTP, based on wide availability of GPG, I'm planning to go this route for key and ciphertext distribution.
In generating the unique ciphertext for each entry that go on the CD's, my current plan is this:
In the printed materials as submitted we tell attackers to consult the scoreboard for targets, and to use the key in /owned to decrypt the corresponding ciphertext on the conference CD. By providing us with the plaintext, you verify you have successfully compromised the machine.
So the question I have is if the above looks sufficiently sound to everyone? I want to make sure there is no whining or drama, and have a verifiable way to confirm compromise. I had one person question that the contest wasn't sufficiently secured, so I want something as ironclad as possible to confirm compromise, but I also have to deal with realities of something workable for everyone.
The advantage of GPG versus a "true" OTP is that the tools are common and most (if not all) people will have them handy. My feeling is that a sufficiently large key, and single use, while not being a "true" OTP, is a defensible approach.
Thoughts? Ridicule? Comments? Questions? Projectiles?
As discussed, what constitutes 0wnage will be compromising a defender system and getting hold of a large unique, per-system
So, my problem is this:
Originally I intended to use a bonafide one time pad but the problem I have is that I want it to be something that an attacker who obtains the key can decrypt with tools on hand. There are lots of tools available for generating and using OTP's, but with I-net connections being unpredictable, I want something readily at hand for folks.
So, rather than a "true" OTP, based on wide availability of GPG, I'm planning to go this route for key and ciphertext distribution.
In generating the unique ciphertext for each entry that go on the CD's, my current plan is this:
- Boot (undisclosed) Live CD on non-networked system
- Generate 30 unique 4096-bit GPG keys (should be enough)
- Crypt 30 unique files (one per key, large random plaintext)
- Burn one key each to 30 individual CDROMs
- Burn all ciphertexts to one CDROM
- Distribute keys in person by giving a unique CDROM to each entry
- Send the ciphertexts, via PGP, to the DC folks for inclusion on the CD
In the printed materials as submitted we tell attackers to consult the scoreboard for targets, and to use the key in /owned to decrypt the corresponding ciphertext on the conference CD. By providing us with the plaintext, you verify you have successfully compromised the machine.
So the question I have is if the above looks sufficiently sound to everyone? I want to make sure there is no whining or drama, and have a verifiable way to confirm compromise. I had one person question that the contest wasn't sufficiently secured, so I want something as ironclad as possible to confirm compromise, but I also have to deal with realities of something workable for everyone.
The advantage of GPG versus a "true" OTP is that the tools are common and most (if not all) people will have them handy. My feeling is that a sufficiently large key, and single use, while not being a "true" OTP, is a defensible approach.
Thoughts? Ridicule? Comments? Questions? Projectiles?
Comment