Four undergraduates who study cryptography at Korea University won first place in a national cryptoanalysis contest by deciphering six questions that encompass some of the most critical topics in information technology today, such as artificial intelligence (AI) and post-quantum cryptography (PQC).
The 2023 Cryptoanalysis Contest was held from May until August, hosted by the Military Cryptography Research Center, who reviewed the participants’ intellectual output in September. Participants were asked to address six questions over four months and then present a report on how they analyzed and solved each one.
For example, the first question, which comprised two parts of the challenge, required contestants to conduct an adversarial AI attack against images using perturbation methods and to prove that the attack was successful. Then the participants needed to demonstrate how an adversarial patch attack works when it is used to detect a traffic sign.
The second challenge was to conduct a key recovery attack utilizing a pretrained AI model, or “neural distinguisher.” To complete the challenge, the participants were asked to answer three interconnected questions and explain their respective answers. The third question dealt with fault injection attacks and challenged the contestants to find a private key using the RSA decryption process.
The fourth question focused on data parallelism, a method of accelerating data processing using multiple processors in parallel, which the participants were required to implement using the specific commands of Intel processors. The fifth question challenged competitors to recover a stolen drawing by analyzing four files obtained from a USB flash drive and then detailing the steps they took to accomplish the task. The last question required the contestants to recover a private key in the context of isogeny-based post-quantum cryptography and then explain why a certain signature algorithm was unsafe.
“It was not difficult to solve the problems presented in the contest, but the process of putting our analyses and thoughts into writing was hard,” said Won Sang-yun, the leader of the winning team, to The Readable in a written interview.
Won, a 19-year-old student of cryptography in the Department of Cyber Defense at Korea University, learned about the contest earlier this year. Won loved the fact that the contest’s problems were not limited solely to cryptography but also involved a variety of related fields, such as AI and blockchain. Won recruited his teammates—fellow classmates at Korea University Choi Jun-hyeok, Joo Hyeon-cheol, and Jang Jung-ho, all age 20—based on the fields addressed in the questions.
The three members Won invited to join his team each specialize in areas addressed in the contest’s questions. Choi Jun-Hyeok’s area of expertise is AI, and it was for this reason that he was confident that he would be an asset to the team, particularly in the area of machine learning. Joo Hyeon-cheol, whose interests lie in algorithms, wanted to take the opportunity to upgrade his knowledge by working alongside capable teammates. Finally, Jang Jung-ho is interested in digital forensics, and this background gave him the confidence to recommend himself as a useful member of Won’s team.
Utilizing their combined abilities, the team were able to tackle the contest’s problems with ease. They attacked the challenges presented in the questions and formulated solutions free from mathematical errors or logical contradictions. To accomplish this, the team thoroughly researched definitions of critical terms in order to understand their implications to the specific issues under consideration. For example, the team looked up, comprehended, and then applied “isogeny-based encryption,” which is a type of elliptic-curve cryptography.
“We believed that minor statements in our report would affect the team’s final score,” said Won. In order to complete the most flawless analysis possible, Won’s team selected the best analysis among their own individually written reports. They then worked to raise the other reports to the same level of accuracy by giving each other feedback and undertaking numerous rewrites. “This process was the most difficult part in the competition, but that made it even more rewarding,” added Won.
Not all the questions were easy to answer, however. The sixth problem forced the participants to grapple with new challenges beyond the scope of what is normally covered in the classroom. The field of isogeny-based cryptography was entirely new to Won’s team. To answer the question, the team first had to find related research papers and academic videos while simultaneously struggling to identify vulnerabilities in the electronic signature presented by the host organization. Over the course of answering the question, Won and his team members learned about advanced concepts, such as “Supersingular Isogeny Diffie-Hellman (SIDH),” a method of key-exchange known in academia to be insecure.
“The contest was a great opportunity for us to expand our perspective,” said Won, speaking on behalf of his team. The four winners, still at an early stage in their lives and learning, received an award from the Minister of National Defense in October, with the prize being 6 million won (approximately $4,600).
Notification: An error in the fifth paragraph has been fixed from “The third question focused on data parallelism,” written in the previous article, to “The fourth question focused on data parallelism.”