Challenge Questions Blog

Challenge Questions

Stop in and exercise your brain. Talk about this month's Challenge from Specs & Techs or similar puzzles.

So do you have a Challenge Question that could stump the community? Then submit the question with the "correct" answer and we'll post it. If it's really good, we may even roll it up to Specs & Techs. You'll be famous!

Answers to Challenge Questions appear by the last Tuesday of the month.

Previous in Blog: Natural Variations: Newsletter Challenge (November 2016)   Next in Blog: Perplexing Propagation: Newsletter Challenge (January 2017)
Close
Close
Close
10 comments

Crypto Conundrum: Newsletter Challenge (December 2016)

Posted December 01, 2016 12:00 AM
Pathfinder Tags: challenge questions

This month's Challenge Question: Specs & Techs from IEEE Engineering360:

A security consultant wants to monitor the communications of a target who is using a system secured by an SSL/TLS connection thought to be unbreakable. The connection’s encryption keys are generated by an elliptic curve random number generator. Is it possible for the consultant to break into the target’s communications? How could he do it?

The answer to this challenge will be posted later this month, right here on CR4.

Reply

Interested in this topic? By joining CR4 you can "subscribe" to
this discussion and receive notification when new comments are added.

Comments rated to be "almost" Good Answers:

Check out these comments that don't yet have enough votes to be "official" good answers and, if you agree with them, rate them!
Guru

Join Date: Mar 2007
Location: at the beach in Florida
Posts: 31327
Good Answers: 1736
#1

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 12:12 AM

He would check the wiki....

__________________
Break a sweat everyday doing something you enjoy
Reply Score 1 for Good Answer
Guru

Join Date: Mar 2012
Location: Out of your mind! Not in sight!
Posts: 4424
Good Answers: 107
#2

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 12:25 AM

Sorry we can not answer this.

He can break into the communication at any point. Trouble would be he will not be able to understand the communication unless the breaks the encryption.

If he knows its an elliptic curve random generator he is 80% there to crack it with a "brute force" attack.

Or he simply installs a key logger.

Ups I did not say that!

__________________
Common Sense Dictates
Reply
Guru
Australia - Member - New Member

Join Date: Feb 2008
Location: Australia
Posts: 2133
Good Answers: 251
#3

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 5:31 AM

Ask nicely?

Arrive at their office as a consultant specialist and help them workshop-test their system.

Apply for a front desk position (become an employee) and then expand personal acces rights from within.

etc. see below from something I recently read.

"As a result, if an attacker gains access to the server’s private key and listens in on the exchange, then they can decrypt the the entire session. Worse, even if an attacker does not currently have access to the private key, they can still record the encrypted session and decrypt it at a later time once they obtain the private key"

__________________
Just an Engineer from the land down under.
Reply
Guru
Engineering Fields - Optical Engineering - Member Engineering Fields - Engineering Physics - Member Engineering Fields - Systems Engineering - Member

Join Date: Apr 2010
Location: Trantor
Posts: 5363
Good Answers: 646
#4

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 7:13 AM

Hire Chuck Norris.

__________________
Whiskey, women -- and astrophysics. Because sometimes a problem can't be solved with just whiskey and women.
Reply
Guru
Hobbies - Fishing - Old Salt Hobbies - CNC - New Member United States - US - Statue of Liberty - New Member

Join Date: Mar 2007
Location: Rosedale, Maryland USA
Posts: 5198
Good Answers: 266
#5

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 8:12 AM

Is this a job interview for the NSA?

__________________
Life is not a journey to the grave with the intention of arriving in a pretty, pristine body but rather to come sliding in sideways, all used up and exclaiming, "Wow, what a ride!"
Reply
Guru

Join Date: Oct 2014
Location: Hemet, Land of milk and honey.
Posts: 2365
Good Answers: 36
#6

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 10:51 PM

This sounds like a story of some wack job who was on somebody's watch list and they suspected the target of doing something, meanwhile the suspect does the dirty deed and then they can report that they were watching the target but by that time it's too late and they are biting their finger nails thinking that they should of sent in the swat hit squad when they had the chance.

Reply
Commentator

Join Date: Jun 2014
Posts: 59
Good Answers: 1
#7

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/01/2016 10:58 PM

1. Why would someone want to break someone's security?

2. What is the purpose of the question? If this is homework, this is not the place to go for "cheap" tutoring. I am sure that a local Hackers Club would be able to discuss this problem with you; however, I don't believe they can think as slow as you.

Reply
Guru
Hobbies - Musician - Engineering Fields - Chemical Engineering - New Member Engineering Fields - Control Engineering - New Member Engineering Fields - Instrumentation Engineering - New Member

Join Date: Jan 2007
Location: Moses Lake, WA, USA, Thulcandra - The Silent Planet (C.S. Lewis)
Posts: 4216
Good Answers: 194
#8

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/02/2016 11:57 AM

Call these guys:

__________________
"Reason is not automatic. Those who deny it cannot be conquered by it. Do not count on them. Leave them alone." - Ayn Rand
Reply
Guru

Join Date: Mar 2009
Posts: 507
#9

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/04/2016 5:27 AM

do you want to break it?

Reply
Guru

Join Date: Aug 2005
Location: Hemel Hempstead, UK
Posts: 5384
Good Answers: 292
#10

Re: Crypto Conundrum: Newsletter Challenge (December 2016)

12/05/2016 5:08 AM

He just needs a quantum computer.

From :- Elliptic curve cryptography

"However, in August 2015, the NSA announced that it plans to replace Suite B with a new cipher suite due to concerns about quantum computing attacks on ECC.[3]"

__________________
We are alone in the universe, or, we are not. Either way it's incredible... Adapted from R. Buckminster Fuller/Arthur C. Clarke
Reply
Reply to Blog Entry 10 comments
Interested in this topic? By joining CR4 you can "subscribe" to
this discussion and receive notification when new comments are added.

Comments rated to be "almost" Good Answers:

Check out these comments that don't yet have enough votes to be "official" good answers and, if you agree with them, rate them!
Copy to Clipboard

Users who posted comments:

AWSCWI(RETIRED) (1); IdeaSmith (1); Just an Engineer (1); Mikerho (1); ozzb (1); Randall (1); SolarEagle (1); tonyhemet (1); Usbport (1); WilhelmHKoen (1)

Previous in Blog: Natural Variations: Newsletter Challenge (November 2016)   Next in Blog: Perplexing Propagation: Newsletter Challenge (January 2017)

Advertisement