Call for participation
The competition comes in two flavors for contestants:
- Coders are invited to post challenge programs that are white-box implementations of AES-128 under freely chosen keys. Challenges are expected to resist key extraction and ciphertext inversion when submitted to white-box attackers.
- Attackers are invited to break the submitted challenges i.e. extract their hard-coded encryption key or reverse encryption punctually on random ciphertexts.
It is up to contestants to choose between remaining completely anonymous or using a recognizable identity. Coders are not expected to explain their designs, but only to provide a resulting C code. Attackers are not expected to explain their techniques, but only to recover embedded key(s) or decrypted plaintexts.
The purpose of Edition 2
The motivation for initiating the WhibOx contest Edition 1 came from the growing interest of the industry towards white-box cryptography (most particularly for DRMs and mobile payments) and the obvious difficulty of designing secure solutions in a scientifically valid sense. The conjunction of these 2 realities has prompted some companies to develop home-made solutions (with a security relying on the secrecy of the underlying techniques) rather than to rely on academic designs.
The 2017 edition of the competition gave an opportunity for researchers and practitioners to confront their (secretly designed) white-box implementations to state-of-the-art attackers. It also provided a new training material to reverse-engineers and security evaluators.
Given the success of Edition 1, and the fact that no challenge implementation survived more than 28 days of continuous attacks, we thought useful and exciting to pick up the competition where we left off and give a new chance to designers to showcase their talents. Once again, we hope to give a boost to scientific research and elevate the worldwide industrial know-how in the field of white-box cryptography.
The WhibOx Contest Edition 2 also has its own workshop!
Colocated with Eurocrypt 2019, WhibOx 2019 will be held on May 18-19 in Darmstadt and will provide a unique opportunity for contestants to discuss the latest achievements in the field of white-box cryptography.
How to win this competition?
Similarly to Edition 1:
- A white-box implementation collects strawberry points as long as it stays unbroken. As a reward for not being broken after time , a challenge implementation gets ∝ extra strawberries, so its strawberry score increases as
- The score of a broken implementation decreases symmetrically down to . The winning score is the maximal strawberry score reached by challenge programs throughout the competition. The strawberry winner is the developer whose challenge has realized the winning score.
- An attacker who breaks a challenge implementation by recovering its hard-coded key, converts the current strawberry score of the broken challenge into banana points. Those are integrated into the attacker’s current banana score through the max rule: the attacker’s new score is the max between their previous score and the bananas earned from the break. The banana winner is the attacker with the most banana points when the competition ends.
New in Edition 2:
This time around, new features and competition rules have been instated.
- Bonus (carrot) points are introduced to reward the successful inversion of ciphertexts, which amounts to unauthorized decryption. Attackers may now generate bananas even when hard-coded keys still resist extraction.
- The most efficient challenge programs collect strawberries (and carrots) faster than the others. Efficiency is measured in terms of average running time, code size and memory consumption.
- Time granularity has been improved and is now of 1 minute.
- Challenge programs are allowed to use both 32-bit and 64-bit instructions.
- Contestants may freely choose between 2 compiling options (GCC or TCC).
- Plaintext-ciphertext pairs for all challenges can be downloaded through a programmatic API.
- March 22, 2019:Competition starting date, the submission server opens
- Aug 1, 2019:Submission deadline (the submission period expires but attacks continue)
- Aug 21, 2019:Final deadline (strawberry, carrot and banana scores are frozen)
- CHES 2019 rump session:Announcement of the top-3 winners in each category
As soon as a challenge implementation is submitted, it is made public on the server and can hence be freely downloaded and broken by contestants. Implementations can be submitted from March 18 to Aug 1, 2019. After the submission deadline, attackers still have 20 days to continue breaking challenge implementations (until 4 days before CHES 2019 starts).
Winners will be announced at the CHES 2019 rump session (CHES 2019 will take place from Aug 25 to 28 in Atlanta, USA).
Connect with the community
Join the discussion forum on Slack and get your questions answered by the organizing committee. Invitation based – send us an invitation request at email@example.com. You may also be invited by people that are already members.
We would like to thank the general chairs of CHES 2019 in their support of this competition:
Yunsi Fei (Northeastern University)
Vincent J. Mooney III (Georgia Institute of Technology)
Patrick Schaumont (Virginia Tech)
The organizing committee is composed of:
Andrey Bogdanov (CYBERCRYPT)
Louis Goubin (UVSQ)
Stefan Kölbl (CYBERCRYPT)
Pascal Paillier (CryptoExperts)
Matthieu Rivain (CryptoExperts)
Elmar Tischhauser (CYBERCRYPT)
Junwei Wang (CryptoExperts)
The submission server is hosted and managed by CYBERCRYPT.
The source code of the submission server has been developed by CryptoExperts.
It is fully open source and available on GitHub.
Credits go to Junwei Wang for re-developing significant parts of the server at the occasion of this second edition of the WhibOx Contest; the 2017 version was created by Thomas Baignères and Matthieu Finiasz. The new rules and features are due to the CryptoExperts team, with ideas suggested by Benoît Chevallier-Mames, Chris Brzuska and contestants from the 2017 edition.
Terms and Conditions
The information contained on the “www.cyber-crypt.com/whibox-contest” and “whibox.cyber-crypt.com/” websites is for information purposes only. CYBERCRYPT assume no responsibility for errors or omissions in the contents on the website.
In no event shall CYBERCRYPT be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other torts, arising out of or in connection with the contents of the website.
CYBERCRYPT reserves the right to make additions, deletions, or modification to the terms, conditions at any time without prior notice.
TO THE EXTENT ALLOWED BY LAW, CYBERCRYPT IS NOT LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTIAL, OR CONSEQUENTIAL DAMAGES REGARDLESS OF THE FORM OF ACTION OR THEORY OF RELIEF. TO THE EXTENT ALLOWED BY LAW, THE MAXIMUM LIABILITY FOR DIRECT DAMAGES UNDER THE EVENT SPONSORED AND ADMINISTERED BY CYBERCRYPT IS LIMITED TO ZERO, REGARDLESS OF THE FORM OF ACTION OR THEORY OF RELIEF.