Crypto Challenge Chat

We'll be discussing the Crypto challenges released at Defcon!

Friday, August 11, 2017 12:00 pm PDT - Friday, August 11, 2017 12:30 pm PDT Local time zone:
Hack Chat
Similar projects worth following

Join the Hack Chat by clicking on the JOIN HACK CHAT button. Then, request to join #Hack Chat.

Don't request to join from this page, click the JOIN HACK CHAT button.


@Karl Koscher and @John Adams will be hosting the Hack Chat this week.

Hack Chats are (almost) always on Fridays at noon PDT.

Time Zones got you down? Here's a handy time converter!

In this chat, we'll be talking about some of the Crypto challenges that were created for Defcon. DEF CON is a hacker convention in Las Vegas, Nevada, USA. The convention has multiple speaker tracks about computer and hacking-related subjects, social events, and contests. 

One of the crypto challenge writeups from 2016 starts like "The challenge this year started a week before DEFCON 24 began, when we noticed that some HTML comments on had been changed. It didn’t take long for us to discover that the site was appending the text “Watching are you?” to the bottom of the page, every minute on the minute."

@Karl Koscher is a research scientist at the University of Washington where he specializes in embedded systems security. In his spare time, he likes to dabble in RF and electronics. He is one of the co-organizers of the Crypto and Privacy Village.

@John Adams is a security researcher and engineer. He is best known for his early work scaling and securing Twitter. When not hacking on electronics and security related issues, he is usually producing and writing music. He is one half of the creators of the IDES OF DEFCON badge. Follow him on Twitter @netik.

TL;DR :: we'll be discussing:

  • How Crypto Challenges work - who wins, who loses?
  • Crypto firmware
  • Techniques used to solve Crypto Challenges
  • How Crypto Challenges are created

Here's the sheet to guide the discussion.

  • Crypto Challenge HackChat Transcript

    Shulie Tornel08/11/2017 at 19:02 0 comments

    Sophi Kravitz OK let's get started

    davedarko colrceyhnpagtle. sounds klingon.

    Sophi Kravitz Who here worked on a badge?

    Karl Koscher I certainly did

    Bill-Paul I did.

    Sophi Kravitz // waits ....

    jculberts o/

    jculberts I help Karl

    Sophi Kravitz Alright then! Karl and Bill, can you introduce yourselves? And then I reserve the right to ask the first question

    Sophi Kravitz Sorry Bill-Paul

    Karl Koscher Sure! I'm one of the organizers of the Crypto and Privacy Village at DEF CON. Part of my responsibilities include producing the badge :)

    Bill-Paul I did firmware development for the Ides of DEC CON badge along with John Adams. (Our friend Egan Hirvela did game play design for us and Matt Harris did the character art.)

    Bill-Paul I also work in the VxWorks Core OS group at Wind River Systems (an Intel company).

    Sophi Kravitz So first question is from me: how do you define crypto challenge? is there a challenge that everyone knows about or do you have to guess that there is one happening?

    Sophi Kravitz (after you guys are done with intros)

    Karl Koscher We have done a couple of crypto challenges in the past. They usually take the form of puzzles with elements that are woven into various things

    Karl Koscher This year we had a snapchat filter which interacted with the floor to produce something, puzzles on the physical badge, part of puzzles on the lanyard and keys we gave out, and a bunch more on our website

    Bill-Paul In our case there were a couple of puzzles (which John worked on mostly). There was a URL that led to some puzzles, and we had one special unlock code that led to a puzzle for an invite to a party at the con.

    -= Wolf =- what is the main purpose of a crypto challenge? to grow interest on Crypto software?, to keep people interested on the subject? or just fun?

    Karl Koscher In the past, we used the badge to validate answers to the puzzle, and even had a challenge hidden in the badge

    Sophi Kravitz @Karl Koscher how did people know there was a challenge?

    Bill-Paul Oh, also, one of our sponsors (Avast) asked us to include a touch-tone audio sequence which would lead you to an IP address and port where they had an old school BBS set up.

    Karl Koscher I guess if it's your first time at DEF CON you might not know, especially if you don't interact with other people, but it's pretty obvious to people looking for one

    Karl Koscher like, we have random letters on the lanyard. what other purpose would those have? :)

    Karl Koscher and random dot patterns on the badge

    Sophi Kravitz ah ok

    Sophi Kravitz I have not been to DEF CON

    Bill-Paul Apparently some people can decode the tones by ear so we were counting on that.

    Karl Koscher I believe this year we actually had handouts for some of the puzzles at our info desk, so it was easy to find

    Sophi Kravitz I imagine that many people on this chat haven't been either

    Shulie: Decode the tones by ear, wow, that is insane. :)

    Sophi Kravitz by ear???? WHAT?

    Frank Buss @Karl Koscher are you LosT/李智上 on twitter?

    Bill-Paul Yeah, I think hard core phreakers have the sounds memorized or something. :)

    James Murphy I've been following Def Con for about 7 years but have never attended. I would like to but $$ is the issue.

    Karl Koscher I am not LosT

    Bill-Paul I actually have a touch-done decoder board I built years ago using a DTMF decode chip from Radio Shack which I used to validate that we were generating them right.

    Bill-Paul Of course you could also just look in the source code. :)

    jculberts These are the puzzles at the top of the badge.

    Frank Buss I tried some of the puzzles, but too complicated for me

    jculberts dang, it didn't keep the rotation.

    Karl Koscher @jculberts: can you also post a photo of the dots?

    jculberts also, the box has a nice inviting...

    Read more »

View event log

Enjoy this event?



Bradley Thompson wrote 08/21/2019 at 06:03 point

Most of all I would like to hear the opinion of Karl Koscher from the University of Washington. Besides, it would help me with when dealing with similar events. Various business nuances and details help in creating informative speech topics.

  Are you sure? yes | no

Interested in attending?

Become a member to follow this event or host your own