SlideShare a Scribd company logo

Breaking Industrial Ciphers at a Whim

M
matesos

This presentation shows how to break a weak industrial cipher that secures many cars on the streets. The presentation details the problems with the cipher and how to exploit them to circumvent the ignition protection of vulnerable cars.

Technology
1 of 9
Download to read offline
Breaking Industrial Ciphers at a Whim MATE SOOS PRESENTATION AT HES’11
Story line 1 HiTag2: reverse-engineered proprietary cipher 2 Analytic tools are needed to investigate them 3 CryptoMiniSat: free software tool to test ciphers (and to break them) 2
Philips HiTag2 Cipher For access control: cars, army buildings Proprietary: reverse-engineered by Karsten Nohl and Sean O’Neil Feedback linear(!), filter non-linear 3
SAT Solvers Input: CNF, an “and of or-s’ (x1 ∨ ¬x3) ∧ (¬x2 ∨ x3) ∧ (x1 ∨ x2) Crypto-problem needs conversion Uses DPLL(ϕ) algorithm 1 If (formula ϕ trivial) return SAT/UNSAT 2 ret ← DPLL(ϕ with v ← true) 3 If (ret = SAT) return SAT 4 ret ← DPLL(ϕ with v ← false) 5 If (ret = SAT) return SAT 6 return UNSAT 4
Toy Example (¬x1 ∨ ¬x2 ∨ x3) ∧ (¬x1 ∨ x2) ∧ (¬x1 ∨ ¬x2) Clause 1 Clause 2 Clause 3 1 Guess: x1 = True 2 Clause 2: x2 = True 3 Clause 3: impossible! Reverse guess. 4 x1 = False 5 Good, everything is satisfied! 5
Example Search Tree BEGIN - s[60] guess - s[104] guess s[104] **115 s[63] **121 s[74] **123 s[103] **125 s[79] **126 - s[103] guess s[103] **99 s[79] **107 s[74] **111 s[63] **113 s[78] **114 - s[102] guess - s[100] **95 s[63] **97 s[79] **98 - s[101] guess s[100] **87 s[79] **91 s[63] **93 s[74] **94 - s[100] guess - s[99] guess s[99] **79 s[74] **83 s[63] **85 s[79] **86 - s[98] guess s[96] **72 s[63] **75 s[79] **77 s[74] **78 - s[97] guess - s[96] guess - s[95] guess - s[79] **68 s[63] **70 s[74] **71 - s[94] guess - s[93] guess - s[92] guess - s[91] guess - s[90] guess - s[89] guess - s[88] guess - s[87] guess - s[86] guess - s[85] guess - s[84] guess s[79] **64 s[74] **66 s[65] **67 - s[83] guess - s[82] guess - s[81] guess - s[80] guess - s[79] guess - s[78] guess s[78] **60 s[63] **62 s[65] **63 - s[77] guess s[77] **58 s[74] **59 - s[76] guess s[76] **57 s[63] calc_s[28] - s[65] calc_s[17] s[72] calc_s[30] s[74] calc_s[93] - s[62] calc_s[2] - s[75] calc_s[100] - s[61] calc_s[80] s[76] s[77] s[78] s[102] s[79] s[100] s[60] s[93] calc_s[102] - s[63] calc_s[28] s[65] calc_s[17] - s[72] calc_s[30] s[74] calc_s[93] s[77] s[78] s[79] s[60] s[93] s[102] s[100] calc_s[31] - s[74] guess - s[72] calc_s[31] s[65] calc_s[30] - s[63] calc_s[93] s[74] - s[77] s[79] s[78] s[93] s[60] calc_s[17] s[72] calc_s[31] - s[65] calc_s[30] - s[63] calc_s[93] s[75] calc_s[99] s[76] calc_s[28] s[78] s[79] s[60] s[103] s[99] s[93] s[102] s[100] calc_s[103] - s[63] guess s[74] **61 s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] - s[75] calc_s[103] - s[65] calc_s[30] s[74] s[63] s[99] s[60] - s[78] s[79] s[103] calc_s[99] s[72] calc_s[31] s[75] calc_s[103] s[65] calc_s[30] s[64] calc_s[4] s[62] calc_s[96] s[61] calc_s[80] s[77] calc_s[93] s[63] s[79] - s[78] s[93] s[60] s[99] s[103] calc_s[17] - s[76] calc_s[28] - s[65] guess - s[72] calc_s[30] - s[77] calc_s[17] s[62] calc_s[2] - s[74] calc_s[31] - s[64] calc_s[104] s[75] calc_s[96] s[65] - s[78] s[79] s[85] - s[63] s[96] s[104] s[60] calc_s[85] s[72] calc_s[30] s[77] calc_s[17] - s[62] calc_s[2] s[74] calc_s[31] s[79] s[85] s[60] s[93] s[96] s[104] s[99] s[103] s[102] s[100] calc_s[93] - s[74] guess s[63] **65 s[72] calc_s[31] - s[63] guess s[76] calc_s[28] s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[99] s[64] calc_s[4] s[63] s[74] s[60] - s[79] s[99] s[103] s[100] calc_s[3] - s[76] calc_s[28] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[99] s[64] calc_s[4] s[62] calc_s[96] s[77] calc_s[17] s[74] - s[79] s[60] s[96] s[99] s[103] s[100] calc_s[2] - s[72] calc_s[31] - s[65] guess s[78] calc_s[30] - s[75] calc_s[99] s[76] calc_s[100] - s[64] calc_s[4] - s[63] calc_s[28] - s[68] calc_s[10] s[77] calc_s[104] s[65] - s[74] s[60] - s[79] s[100] s[99] calc_s[3] - s[78] calc_s[30] - s[75] calc_s[99] s[76] calc_s[100] s[64] calc_s[4] - s[63] calc_s[28] - s[79] s[96] s[103] s[100] s[99] s[60] calc_s[103] - s[63] guess s[74] **69 s[76] calc_s[28] - s[74] guess - s[78] **61 - s[72] calc_s[31] - s[75] calc_s[100] s[93] **60 s[65] calc_s[30] s[74] s[63] s[60] s[79] s[103] s[100] s[99] calc_s[103] s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] - s[65] calc_s[2] s[61] calc_s[19] s[63] s[96] s[102] s[103] s[60] s[100] s[99] calc_s[7] - s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] s[74] - s[63] s[60] s[79] s[103] s[96] s[100] calc_s[8] s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] - s[77] calc_s[102] s[65] calc_s[2] s[61] calc_s[19] s[96] s[99] s[102] s[103] s[100] s[60] calc_s[20] - s[63] guess s[74] **73 s[79] **74 s[76] calc_s[28] - s[74] guess - s[79] **65 s[74] s[63] s[60] s[103] s[100] s[99] **69 - s[79] guess s[72] calc_s[31] s[75] calc_s[100] - s[62] calc_s[96] s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] - s[65] calc_s[2] - s[61] calc_s[19] s[79] - s[74] s[60] s[63] s[102] s[103] - s[96] s[100] calc_s[7] s[65] **67 - s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[30] s[77] calc_s[17] s[62] calc_s[2] s[64] calc_s[4] s[63] s[99] s[100] s[60] s[102] s[103] calc_s[23] - s[76] calc_s[28] s[74] **76 - s[79] guess - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] s[74] s[79] - s[63] s[60] s[103] - s[96] s[100] calc_s[8] s[72] calc_s[31] - s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] s[77] calc_s[102] s[65] calc_s[2] - s[61] calc_s[19] s[79] - s[63] s[60] s[102] s[103] - s[96] s[100] calc_s[20] - s[74] guess s[72] calc_s[31] - s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] s[74] - s[63] s[60] - s[79] s[103] - s[96] s[100] calc_s[8] s[65] **67 - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[30] s[99] s[100] s[60] s[103] s[102] calc_s[99] - s[74] guess s[63] **81 s[79] **82 - s[63] guess s[79] **80 s[76] calc_s[28] - s[79] guess - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[77] calc_s[17] s[62] calc_s[2] s[79] s[63] s[60] s[74] s[103] s[100] calc_s[4] s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[77] calc_s[17] - s[62] calc_s[2] s[63] s[74] s[60] s[103] s[100] calc_s[23] - s[76] calc_s[28] - s[79] guess - s[96] **76 s[79] s[74] s[60] s[103] s[100] **71 - s[96] **78 s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] s[74] s[100] s[103] s[60] calc_s[8] - s[63] guess s[79] **84 s[76] calc_s[28] - s[79] guess - s[96] **74 s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] - s[65] calc_s[2] s[61] calc_s[19] s[79] s[63] s[60] s[102] s[103] s[100] calc_s[7] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[63] s[100] s[103] s[60] s[102] calc_s[99] - s[76] calc_s[28] - s[79] guess - s[96] **77 s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] - s[77] calc_s[102] s[65] calc_s[2] s[61] calc_s[19] s[79] s[100] s[102] s[103] s[60] calc_s[20] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[77] calc_s[17] s[62] calc_s[2] s[100] s[102] s[103] s[60] calc_s[4] - s[79] guess s[63] **89 s[74] **90 - s[63] guess s[74] **88 s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[63] s[79] s[60] s[103] - s[100] calc_s[4] s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[63] s[79] s[60] s[103] - s[100] calc_s[23] - s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[79] s[60] s[103] - s[100] calc_s[4] s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[79] - s[100] s[103] s[60] calc_s[23] - s[63] guess s[74] **92 s[76] calc_s[28] - s[74] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[74] s[63] s[60] s[103] - s[100] calc_s[24] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[63] - s[100] s[103] s[60] calc_s[4] - s[76] calc_s[28] - s[74] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[74] - s[100] s[103] s[60] calc_s[24] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] - s[100] s[103] s[60] calc_s[4] s[74] **83 s[79] **96 s[102] **87 - s[63] guess s[76] calc_s[28] - s[79] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[79] s[63] s[104] s[60] s[103] calc_s[104] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] **67 s[63] s[103] s[60] s[104] calc_s[99] - s[76] calc_s[28] - s[79] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[79] s[103] s[60] s[104] calc_s[104] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[103] s[104] s[60] calc_s[4] - s[79] guess s[63] **103 s[74] **105 s[78] **106 - s[63] guess s[74] **101 s[78] **102 s[76] calc_s[28] s[75] **100 - s[74] guess - s[72] calc_s[31] - s[100] guess - s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[75] s[74] s[79] s[63] s[60] - s[103] calc_s[4] s[100] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[74] s[63] s[79] s[60] - s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] s[78] s[63] s[104] s[79] s[60] calc_s[104] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[79] s[60] s[104] calc_s[23] - s[76] calc_s[28] s[78] **104 - s[74] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[74] s[79] - s[63] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[79] s[60] - s[63] - s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] - s[63] s[60] s[79] - s[103] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] s[79] s[104] s[60] calc_s[104] - s[74] guess s[63] **109 s[78] **110 s[72] calc_s[31] s[78] **108 - s[63] guess s[76] calc_s[28] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[60] - s[79] s[74] - s[103] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[63] s[74] - s[79] s[60] - s[103] calc_s[24] - s[76] calc_s[28] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[78] s[74] - s[79] s[60] - s[103] calc_s[24] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[74] - s[79] s[60] - s[103] calc_s[23] - s[72] calc_s[31] s[78] **112 - s[63] guess s[76] calc_s[28] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[63] - s[79] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[63] - s[79] s[60] - s[103] calc_s[4] - s[76] calc_s[28] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[78] - s[79] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[104] s[60] calc_s[4] - s[63] guess s[74] **117 s[103] **119 s[78] **120 s[76] calc_s[28] s[103] **116 - s[74] guess - s[79] guess - s[103] **101 - s[72] calc_s[31] - s[100] **95 s[102] **85 s[103] s[74] s[60] s[63] **81 - s[79] **113 s[74] s[63] s[60] **101 - s[103] guess s[79] **118 - s[100] **95 s[102] **85 - s[79] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[79] s[103] s[60] s[63] calc_s[24] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] **67 s[103] s[63] s[60] calc_s[99] - s[79] **113 s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] s[78] s[63] s[60] calc_s[24] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[60] calc_s[23] - s[76] calc_s[28] s[103] **122 - s[74] guess - s[103] guess - s[100] **95 s[102] **87 s[103] s[74] s[60] **83 - s[79] **111 s[74] s[60] **105 - s[103] guess s[79] **124 - s[100] **95 s[102] **87 - s[79] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[79] s[103] s[60] calc_s[24] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[103] s[60] calc_s[4] - s[79] guess s[78] **106 s[72] calc_s[31] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] s[79] s[60] calc_s[24] s[78] **114 - s[72] calc_s[31] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[60] calc_s[4] node66 s[60] learnt unit clause s[74] learnt unit clause - s[74] guess s[103] **134 s[63] **138 s[79] **140 s[78] **141 - s[103] guess s[63] **130 s[79] **132 s[78] **133 - s[63] guess s[79] **128 s[78] **129 s[76] calc_s[28] s[78] **127 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[79] s[63] s[74] s[103] calc_s[23] s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[85] calc_s[85] s[79] s[63] s[74] s[103] calc_s[25] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[74] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[103] s[74] calc_s[4] - s[76] calc_s[28] s[78] **131 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[85] calc_s[85] s[78] s[79] s[74] s[103] calc_s[25] s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[79] s[103] s[74] calc_s[23] - s[72] calc_s[31] - s[86] guess - s[78] guess s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[103] s[74] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[103] s[74] calc_s[4] - s[63] guess s[79] **136 s[78] **137 s[76] calc_s[28] s[78] **135 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[85] calc_s[85] s[78] s[79] s[74] s[63] calc_s[25] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[79] s[63] s[74] calc_s[23] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[74] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[74] calc_s[4] - s[76] calc_s[28] s[78] **139 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[78] s[79] s[74] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[85] calc_s[85] s[79] s[74] calc_s[25] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[74] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[74] calc_s[4] - s[103] guess s[63] **145 s[79] **147 s[78] **148 - s[63] guess s[79] **143 s[78] **144 s[76] calc_s[28] s[78] **142 - s[79] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[79] s[63] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[79] s[63] s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] - s[85] calc_s[85] s[78] s[63] s[103] calc_s[16] s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[63] s[103] calc_s[23] - s[76] calc_s[28] s[78] **146 - s[79] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[79] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[79] s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[103] calc_s[23] s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] - s[85] calc_s[85] - s[92] calc_s[92] - s[61] calc_s[18] s[93] calc_s[93] - s[104] calc_s[104] - s[83] calc_s[83] s[87] calc_s[87] s[96] calc_s[96] - s[102] calc_s[102] s[81] calc_s[81] s[97] calc_s[97] - s[90] calc_s[90] - s[98] calc_s[98] - s[82] calc_s[82] - s[88] calc_s[88] - s[84] calc_s[84] - s[101] calc_s[101] s[80] calc_s[80] - s[94] calc_s[94] - s[95] calc_s[95] s[89] calc_s[89] - s[91] calc_s[91] - s[86] calc_s[86] MODEL First conflict Solution Found Backtrack Guess until conflict Start 6
CryptoMiniSat SAT solver that excels at cryptography General purpose: won SAT Race’10 0 1000 2000 3000 4000 5000 6000 80 100 120 140 160 180 200 220 240 Time(s) No. solved instances from SAT Comp’09 MiniSat 2.2 lingeling PrecoSat465 CryptoMiniSat SAT Comp’11 Collaborative: GPL, mailing list, regular releases 7
Demo 1 Generate HiTag2 problem: Grain-of-Salt tool 2 Solve it using CryptoMiniSat 3 Analyse results: ≈ 2 days to break 8
Conclusion SAT solvers are powerful tools to break weak cryptography CryptoMiniSat, a leading SAT solver, is waiting for your contribution Weak ciphers like HiTag2 should not be used in high-value applications 9

Recommended

Cepa andaluza by paco de lucia
Cepa andaluza by paco de luciaCepa andaluza by paco de lucia
Cepa andaluza by paco de lucia
Juan Luis Menares, Arquitecto
 
Anti lock breaking system
Anti lock breaking systemAnti lock breaking system
Anti lock breaking system
sarathomalloor g
 
Star travel app
Star travel appStar travel app
Star travel app
dhekanenandkishor
 
Empreendedorismo (parte 2), David Stephen
Empreendedorismo (parte 2), David StephenEmpreendedorismo (parte 2), David Stephen
Empreendedorismo (parte 2), David Stephen
David Stephen
 
Page 5
Page 5Page 5
Page 5
Josh Matthews
 
Progetto sapienza go
Progetto sapienza go Progetto sapienza go
Progetto sapienza go
Chiara Landi
 
Metadati2008
Metadati2008Metadati2008
Metadati2008
Università di Padova
 
User Generated AI for Interactive Digital Entertainment 2011
User Generated AI for Interactive Digital Entertainment 2011User Generated AI for Interactive Digital Entertainment 2011
User Generated AI for Interactive Digital Entertainment 2011
Ashwin Ram
 

Recommended

Cepa andaluza by paco de lucia
Cepa andaluza by paco de luciaCepa andaluza by paco de lucia
Cepa andaluza by paco de lucia
Juan Luis Menares, Arquitecto
 
Anti lock breaking system
Anti lock breaking systemAnti lock breaking system
Anti lock breaking system
sarathomalloor g
 
Star travel app
Star travel appStar travel app
Star travel app
dhekanenandkishor
 
Empreendedorismo (parte 2), David Stephen
Empreendedorismo (parte 2), David StephenEmpreendedorismo (parte 2), David Stephen
Empreendedorismo (parte 2), David Stephen
David Stephen
 
Page 5
Page 5Page 5
Page 5
Josh Matthews
 
Progetto sapienza go
Progetto sapienza go Progetto sapienza go
Progetto sapienza go
Chiara Landi
 
Metadati2008
Metadati2008Metadati2008
Metadati2008
Università di Padova
 
User Generated AI for Interactive Digital Entertainment 2011
User Generated AI for Interactive Digital Entertainment 2011User Generated AI for Interactive Digital Entertainment 2011
User Generated AI for Interactive Digital Entertainment 2011
Ashwin Ram
 
Slides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.samSlides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.sam
Girlany Rino
 
Slides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.samSlides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.sam
Girlany Rino
 
Anti lock breaking system pro
Anti lock breaking system proAnti lock breaking system pro
Anti lock breaking system pro
Ajit Dubey
 
Slides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.samSlides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.sam
Girlany Rino
 
Slides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.samSlides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.sam
Girlany Rino
 
6 games
6 games6 games
6 games
Mhd Sb
 
Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games. Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games.
Nitish Kavishetti
 
Rkf
RkfRkf
Rkf
faintcardy
 
Statistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided TourStatistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided Tour
Sanjaya K Saxena
 
Algebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions ManualAlgebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions Manual
kejeqadaqo
 
Arna Friend Controls II Final
Arna Friend Controls II FinalArna Friend Controls II Final
Arna Friend Controls II Final
Arna Friend
 
Data Smashing
Data SmashingData Smashing
Data Smashing
Ishanu Chattopadhyay
 
Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...
Alexander Litvinenko
 
Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17
Alexander Litvinenko
 
Game theory
Game theoryGame theory
Game theory
sairajch10
 
Selective codes
Selective codesSelective codes
Selective codes
Siva Gopal
 
Test s velocity_15_5_4
Test s velocity_15_5_4Test s velocity_15_5_4
Test s velocity_15_5_4
Kunihiko Saito
 
Rabotna tetratka 5 odd
Rabotna tetratka 5 oddRabotna tetratka 5 odd
Rabotna tetratka 5 odd
Mira Trajkoska
 
C PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAMC PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAM
SaraswathiRamalingam
 
LCS35
LCS35LCS35
LCS35
XequeMateShannon
 
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
mmisono
 
PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...
Andrey Karpov
 

More Related Content

Viewers also liked

Slides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.samSlides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.sam
Girlany Rino
 
Slides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.samSlides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.sam
Girlany Rino
 
Anti lock breaking system pro
Anti lock breaking system proAnti lock breaking system pro
Anti lock breaking system pro
Ajit Dubey
 
Slides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.samSlides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.sam
Girlany Rino
 
Slides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.samSlides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.sam
Girlany Rino
 
6 games
6 games6 games
6 games
Mhd Sb
 
Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games. Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games.
Nitish Kavishetti
 

Viewers also liked (7)

Slides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.samSlides aula 8 análise de mercado rev.sam
Slides aula 8 análise de mercado rev.sam
 
Slides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.samSlides aula 12 marketing estratégico - orientações rev.sam
Slides aula 12 marketing estratégico - orientações rev.sam
 
Anti lock breaking system pro
Anti lock breaking system proAnti lock breaking system pro
Anti lock breaking system pro
 
Slides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.samSlides aula 3 o empreendedorismo - conceitos rev.sam
Slides aula 3 o empreendedorismo - conceitos rev.sam
 
Slides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.samSlides aula 10 plano operacional e financeiro rev.sam
Slides aula 10 plano operacional e financeiro rev.sam
 
6 games
6 games6 games
6 games
 
Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games. Artificial intelligence In Modern-Games.
Artificial intelligence In Modern-Games.
 

Similar to Breaking Industrial Ciphers at a Whim

Rkf
RkfRkf
Rkf
faintcardy
 
Statistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided TourStatistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided Tour
Sanjaya K Saxena
 
Algebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions ManualAlgebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions Manual
kejeqadaqo
 
Arna Friend Controls II Final
Arna Friend Controls II FinalArna Friend Controls II Final
Arna Friend Controls II Final
Arna Friend
 
Data Smashing
Data SmashingData Smashing
Data Smashing
Ishanu Chattopadhyay
 
Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...
Alexander Litvinenko
 
Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17
Alexander Litvinenko
 
Game theory
Game theoryGame theory
Game theory
sairajch10
 
Selective codes
Selective codesSelective codes
Selective codes
Siva Gopal
 
Test s velocity_15_5_4
Test s velocity_15_5_4Test s velocity_15_5_4
Test s velocity_15_5_4
Kunihiko Saito
 
Rabotna tetratka 5 odd
Rabotna tetratka 5 oddRabotna tetratka 5 odd
Rabotna tetratka 5 odd
Mira Trajkoska
 
C PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAMC PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAM
SaraswathiRamalingam
 
LCS35
LCS35LCS35
LCS35
XequeMateShannon
 
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
mmisono
 
PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...
Andrey Karpov
 
Sequential Learning in the Position-Based Model
Sequential Learning in the Position-Based ModelSequential Learning in the Position-Based Model
Sequential Learning in the Position-Based Model
recsysfr
 
DSP LAB COMPLETE CODES.docx
DSP LAB COMPLETE CODES.docxDSP LAB COMPLETE CODES.docx
DSP LAB COMPLETE CODES.docx
MUMAR57
 
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
Jhonatan Minchán
 
Solucionario de matemáticas para administación y economia
Solucionario de matemáticas para administación y economiaSolucionario de matemáticas para administación y economia
Solucionario de matemáticas para administación y economia
Luis Perez Anampa
 
31350052 introductory-mathematical-analysis-textbook-solution-manual
31350052 introductory-mathematical-analysis-textbook-solution-manual31350052 introductory-mathematical-analysis-textbook-solution-manual
31350052 introductory-mathematical-analysis-textbook-solution-manual
Mahrukh Khalid
 

Similar to Breaking Industrial Ciphers at a Whim (20)

Rkf
RkfRkf
Rkf
 
Statistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided TourStatistics & Decision Science for Agile - A Guided Tour
Statistics & Decision Science for Agile - A Guided Tour
 
Algebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions ManualAlgebra and Trigonometry 9th Edition Larson Solutions Manual
Algebra and Trigonometry 9th Edition Larson Solutions Manual
 
Arna Friend Controls II Final
Arna Friend Controls II FinalArna Friend Controls II Final
Arna Friend Controls II Final
 
Data Smashing
Data SmashingData Smashing
Data Smashing
 
Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...Likelihood approximation with parallel hierarchical matrices for large spatia...
Likelihood approximation with parallel hierarchical matrices for large spatia...
 
Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17Poster litvinenko genton_ying_hpcsaudi17
Poster litvinenko genton_ying_hpcsaudi17
 
Game theory
Game theoryGame theory
Game theory
 
Selective codes
Selective codesSelective codes
Selective codes
 
Test s velocity_15_5_4
Test s velocity_15_5_4Test s velocity_15_5_4
Test s velocity_15_5_4
 
Rabotna tetratka 5 odd
Rabotna tetratka 5 oddRabotna tetratka 5 odd
Rabotna tetratka 5 odd
 
C PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAMC PROGRAMS - SARASWATHI RAMALINGAM
C PROGRAMS - SARASWATHI RAMALINGAM
 
LCS35
LCS35LCS35
LCS35
 
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
論文紹介 Hyperkernel: Push-Button Verification of an OS Kernel (SOSP’17)
 
PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...PVS-Studio team experience: checking various open source projects, or mistake...
PVS-Studio team experience: checking various open source projects, or mistake...
 
Sequential Learning in the Position-Based Model
Sequential Learning in the Position-Based ModelSequential Learning in the Position-Based Model
Sequential Learning in the Position-Based Model
 
DSP LAB COMPLETE CODES.docx
DSP LAB COMPLETE CODES.docxDSP LAB COMPLETE CODES.docx
DSP LAB COMPLETE CODES.docx
 
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
Ernest f. haeussler, richard s. paul y richard j. wood. matemáticas para admi...
 
Solucionario de matemáticas para administación y economia
Solucionario de matemáticas para administación y economiaSolucionario de matemáticas para administación y economia
Solucionario de matemáticas para administación y economia
 
31350052 introductory-mathematical-analysis-textbook-solution-manual
31350052 introductory-mathematical-analysis-textbook-solution-manual31350052 introductory-mathematical-analysis-textbook-solution-manual
31350052 introductory-mathematical-analysis-textbook-solution-manual
 

Recently uploaded

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
Federico Razzoli
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 

Recently uploaded (20)

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 

Breaking Industrial Ciphers at a Whim

  • 1. Breaking Industrial Ciphers at a Whim MATE SOOS PRESENTATION AT HES’11
  • 2. Story line 1 HiTag2: reverse-engineered proprietary cipher 2 Analytic tools are needed to investigate them 3 CryptoMiniSat: free software tool to test ciphers (and to break them) 2
  • 3. Philips HiTag2 Cipher For access control: cars, army buildings Proprietary: reverse-engineered by Karsten Nohl and Sean O’Neil Feedback linear(!), filter non-linear 3
  • 4. SAT Solvers Input: CNF, an “and of or-s’ (x1 ∨ ¬x3) ∧ (¬x2 ∨ x3) ∧ (x1 ∨ x2) Crypto-problem needs conversion Uses DPLL(ϕ) algorithm 1 If (formula ϕ trivial) return SAT/UNSAT 2 ret ← DPLL(ϕ with v ← true) 3 If (ret = SAT) return SAT 4 ret ← DPLL(ϕ with v ← false) 5 If (ret = SAT) return SAT 6 return UNSAT 4
  • 5. Toy Example (¬x1 ∨ ¬x2 ∨ x3) ∧ (¬x1 ∨ x2) ∧ (¬x1 ∨ ¬x2) Clause 1 Clause 2 Clause 3 1 Guess: x1 = True 2 Clause 2: x2 = True 3 Clause 3: impossible! Reverse guess. 4 x1 = False 5 Good, everything is satisfied! 5
  • 6. Example Search Tree BEGIN - s[60] guess - s[104] guess s[104] **115 s[63] **121 s[74] **123 s[103] **125 s[79] **126 - s[103] guess s[103] **99 s[79] **107 s[74] **111 s[63] **113 s[78] **114 - s[102] guess - s[100] **95 s[63] **97 s[79] **98 - s[101] guess s[100] **87 s[79] **91 s[63] **93 s[74] **94 - s[100] guess - s[99] guess s[99] **79 s[74] **83 s[63] **85 s[79] **86 - s[98] guess s[96] **72 s[63] **75 s[79] **77 s[74] **78 - s[97] guess - s[96] guess - s[95] guess - s[79] **68 s[63] **70 s[74] **71 - s[94] guess - s[93] guess - s[92] guess - s[91] guess - s[90] guess - s[89] guess - s[88] guess - s[87] guess - s[86] guess - s[85] guess - s[84] guess s[79] **64 s[74] **66 s[65] **67 - s[83] guess - s[82] guess - s[81] guess - s[80] guess - s[79] guess - s[78] guess s[78] **60 s[63] **62 s[65] **63 - s[77] guess s[77] **58 s[74] **59 - s[76] guess s[76] **57 s[63] calc_s[28] - s[65] calc_s[17] s[72] calc_s[30] s[74] calc_s[93] - s[62] calc_s[2] - s[75] calc_s[100] - s[61] calc_s[80] s[76] s[77] s[78] s[102] s[79] s[100] s[60] s[93] calc_s[102] - s[63] calc_s[28] s[65] calc_s[17] - s[72] calc_s[30] s[74] calc_s[93] s[77] s[78] s[79] s[60] s[93] s[102] s[100] calc_s[31] - s[74] guess - s[72] calc_s[31] s[65] calc_s[30] - s[63] calc_s[93] s[74] - s[77] s[79] s[78] s[93] s[60] calc_s[17] s[72] calc_s[31] - s[65] calc_s[30] - s[63] calc_s[93] s[75] calc_s[99] s[76] calc_s[28] s[78] s[79] s[60] s[103] s[99] s[93] s[102] s[100] calc_s[103] - s[63] guess s[74] **61 s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] - s[75] calc_s[103] - s[65] calc_s[30] s[74] s[63] s[99] s[60] - s[78] s[79] s[103] calc_s[99] s[72] calc_s[31] s[75] calc_s[103] s[65] calc_s[30] s[64] calc_s[4] s[62] calc_s[96] s[61] calc_s[80] s[77] calc_s[93] s[63] s[79] - s[78] s[93] s[60] s[99] s[103] calc_s[17] - s[76] calc_s[28] - s[65] guess - s[72] calc_s[30] - s[77] calc_s[17] s[62] calc_s[2] - s[74] calc_s[31] - s[64] calc_s[104] s[75] calc_s[96] s[65] - s[78] s[79] s[85] - s[63] s[96] s[104] s[60] calc_s[85] s[72] calc_s[30] s[77] calc_s[17] - s[62] calc_s[2] s[74] calc_s[31] s[79] s[85] s[60] s[93] s[96] s[104] s[99] s[103] s[102] s[100] calc_s[93] - s[74] guess s[63] **65 s[72] calc_s[31] - s[63] guess s[76] calc_s[28] s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[99] s[64] calc_s[4] s[63] s[74] s[60] - s[79] s[99] s[103] s[100] calc_s[3] - s[76] calc_s[28] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[99] s[64] calc_s[4] s[62] calc_s[96] s[77] calc_s[17] s[74] - s[79] s[60] s[96] s[99] s[103] s[100] calc_s[2] - s[72] calc_s[31] - s[65] guess s[78] calc_s[30] - s[75] calc_s[99] s[76] calc_s[100] - s[64] calc_s[4] - s[63] calc_s[28] - s[68] calc_s[10] s[77] calc_s[104] s[65] - s[74] s[60] - s[79] s[100] s[99] calc_s[3] - s[78] calc_s[30] - s[75] calc_s[99] s[76] calc_s[100] s[64] calc_s[4] - s[63] calc_s[28] - s[79] s[96] s[103] s[100] s[99] s[60] calc_s[103] - s[63] guess s[74] **69 s[76] calc_s[28] - s[74] guess - s[78] **61 - s[72] calc_s[31] - s[75] calc_s[100] s[93] **60 s[65] calc_s[30] s[74] s[63] s[60] s[79] s[103] s[100] s[99] calc_s[103] s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] - s[65] calc_s[2] s[61] calc_s[19] s[63] s[96] s[102] s[103] s[60] s[100] s[99] calc_s[7] - s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] s[74] - s[63] s[60] s[79] s[103] s[96] s[100] calc_s[8] s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] - s[77] calc_s[102] s[65] calc_s[2] s[61] calc_s[19] s[96] s[99] s[102] s[103] s[100] s[60] calc_s[20] - s[63] guess s[74] **73 s[79] **74 s[76] calc_s[28] - s[74] guess - s[79] **65 s[74] s[63] s[60] s[103] s[100] s[99] **69 - s[79] guess s[72] calc_s[31] s[75] calc_s[100] - s[62] calc_s[96] s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] - s[65] calc_s[2] - s[61] calc_s[19] s[79] - s[74] s[60] s[63] s[102] s[103] - s[96] s[100] calc_s[7] s[65] **67 - s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[30] s[77] calc_s[17] s[62] calc_s[2] s[64] calc_s[4] s[63] s[99] s[100] s[60] s[102] s[103] calc_s[23] - s[76] calc_s[28] s[74] **76 - s[79] guess - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] s[74] s[79] - s[63] s[60] s[103] - s[96] s[100] calc_s[8] s[72] calc_s[31] - s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] s[77] calc_s[102] s[65] calc_s[2] - s[61] calc_s[19] s[79] - s[63] s[60] s[102] s[103] - s[96] s[100] calc_s[20] - s[74] guess s[72] calc_s[31] - s[75] calc_s[100] - s[62] calc_s[96] - s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] s[74] - s[63] s[60] - s[79] s[103] - s[96] s[100] calc_s[8] s[65] **67 - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[30] s[99] s[100] s[60] s[103] s[102] calc_s[99] - s[74] guess s[63] **81 s[79] **82 - s[63] guess s[79] **80 s[76] calc_s[28] - s[79] guess - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[77] calc_s[17] s[62] calc_s[2] s[79] s[63] s[60] s[74] s[103] s[100] calc_s[4] s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[77] calc_s[17] - s[62] calc_s[2] s[63] s[74] s[60] s[103] s[100] calc_s[23] - s[76] calc_s[28] - s[79] guess - s[96] **76 s[79] s[74] s[60] s[103] s[100] **71 - s[96] **78 s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] s[77] calc_s[102] s[74] s[100] s[103] s[60] calc_s[8] - s[63] guess s[79] **84 s[76] calc_s[28] - s[79] guess - s[96] **74 s[72] calc_s[31] s[75] calc_s[100] s[62] calc_s[96] s[78] calc_s[103] - s[68] calc_s[27] - s[77] calc_s[102] - s[65] calc_s[2] s[61] calc_s[19] s[79] s[63] s[60] s[102] s[103] s[100] calc_s[7] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[63] s[100] s[103] s[60] s[102] calc_s[99] - s[76] calc_s[28] - s[79] guess - s[96] **77 s[72] calc_s[31] - s[75] calc_s[100] s[62] calc_s[96] - s[78] calc_s[103] s[68] calc_s[27] - s[77] calc_s[102] s[65] calc_s[2] s[61] calc_s[19] s[79] s[100] s[102] s[103] s[60] calc_s[20] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[77] calc_s[17] s[62] calc_s[2] s[100] s[102] s[103] s[60] calc_s[4] - s[79] guess s[63] **89 s[74] **90 - s[63] guess s[74] **88 s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[63] s[79] s[60] s[103] - s[100] calc_s[4] s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[63] s[79] s[60] s[103] - s[100] calc_s[23] - s[76] calc_s[28] - s[74] guess - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[79] s[60] s[103] - s[100] calc_s[4] s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[79] - s[100] s[103] s[60] calc_s[23] - s[63] guess s[74] **92 s[76] calc_s[28] - s[74] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[74] s[63] s[60] s[103] - s[100] calc_s[24] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[63] - s[100] s[103] s[60] calc_s[4] - s[76] calc_s[28] - s[74] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[74] - s[100] s[103] s[60] calc_s[24] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] - s[100] s[103] s[60] calc_s[4] s[74] **83 s[79] **96 s[102] **87 - s[63] guess s[76] calc_s[28] - s[79] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[79] s[63] s[104] s[60] s[103] calc_s[104] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] **67 s[63] s[103] s[60] s[104] calc_s[99] - s[76] calc_s[28] - s[79] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[79] s[103] s[60] s[104] calc_s[104] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[103] s[104] s[60] calc_s[4] - s[79] guess s[63] **103 s[74] **105 s[78] **106 - s[63] guess s[74] **101 s[78] **102 s[76] calc_s[28] s[75] **100 - s[74] guess - s[72] calc_s[31] - s[100] guess - s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[75] s[74] s[79] s[63] s[60] - s[103] calc_s[4] s[100] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[74] s[63] s[79] s[60] - s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] s[78] s[63] s[104] s[79] s[60] calc_s[104] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[79] s[60] s[104] calc_s[23] - s[76] calc_s[28] s[78] **104 - s[74] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[74] s[79] - s[63] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[74] s[79] s[60] - s[63] - s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] - s[63] s[60] s[79] - s[103] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] s[79] s[104] s[60] calc_s[104] - s[74] guess s[63] **109 s[78] **110 s[72] calc_s[31] s[78] **108 - s[63] guess s[76] calc_s[28] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[60] - s[79] s[74] - s[103] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[63] s[74] - s[79] s[60] - s[103] calc_s[24] - s[76] calc_s[28] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[78] s[74] - s[79] s[60] - s[103] calc_s[24] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[74] - s[79] s[60] - s[103] calc_s[23] - s[72] calc_s[31] s[78] **112 - s[63] guess s[76] calc_s[28] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[63] - s[79] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[63] - s[79] s[60] - s[103] calc_s[4] - s[76] calc_s[28] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[78] - s[79] s[60] - s[103] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[104] s[60] calc_s[4] - s[63] guess s[74] **117 s[103] **119 s[78] **120 s[76] calc_s[28] s[103] **116 - s[74] guess - s[79] guess - s[103] **101 - s[72] calc_s[31] - s[100] **95 s[102] **85 s[103] s[74] s[60] s[63] **81 - s[79] **113 s[74] s[63] s[60] **101 - s[103] guess s[79] **118 - s[100] **95 s[102] **85 - s[79] guess s[72] calc_s[31] s[75] calc_s[100] s[78] calc_s[103] s[65] calc_s[30] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[68] calc_s[10] s[79] s[103] s[60] s[63] calc_s[24] - s[72] calc_s[31] - s[75] calc_s[100] s[78] calc_s[103] - s[65] calc_s[30] s[64] calc_s[3] s[99] **67 s[103] s[63] s[60] calc_s[99] - s[79] **113 s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] s[78] s[63] s[60] calc_s[24] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[60] calc_s[23] - s[76] calc_s[28] s[103] **122 - s[74] guess - s[103] guess - s[100] **95 s[102] **87 s[103] s[74] s[60] **83 - s[79] **111 s[74] s[60] **105 - s[103] guess s[79] **124 - s[100] **95 s[102] **87 - s[79] guess s[72] calc_s[31] - s[75] calc_s[100] - s[78] calc_s[103] - s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] - s[68] calc_s[10] s[79] s[103] s[60] calc_s[24] - s[72] calc_s[31] s[75] calc_s[100] - s[78] calc_s[103] s[65] calc_s[30] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[103] s[60] calc_s[4] - s[79] guess s[78] **106 s[72] calc_s[31] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] s[79] s[60] calc_s[24] s[78] **114 - s[72] calc_s[31] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[60] calc_s[4] node66 s[60] learnt unit clause s[74] learnt unit clause - s[74] guess s[103] **134 s[63] **138 s[79] **140 s[78] **141 - s[103] guess s[63] **130 s[79] **132 s[78] **133 - s[63] guess s[79] **128 s[78] **129 s[76] calc_s[28] s[78] **127 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[79] s[63] s[74] s[103] calc_s[23] s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[85] calc_s[85] s[79] s[63] s[74] s[103] calc_s[25] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[74] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[103] s[74] calc_s[4] - s[76] calc_s[28] s[78] **131 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[85] calc_s[85] s[78] s[79] s[74] s[103] calc_s[25] s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[79] s[103] s[74] calc_s[23] - s[72] calc_s[31] - s[86] guess - s[78] guess s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[103] s[74] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[103] s[74] calc_s[4] - s[63] guess s[79] **136 s[78] **137 s[76] calc_s[28] s[78] **135 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] - s[68] calc_s[10] s[85] calc_s[85] s[78] s[79] s[74] s[63] calc_s[25] s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[79] s[63] s[74] calc_s[23] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[63] s[74] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[63] s[74] calc_s[4] - s[76] calc_s[28] s[78] **139 - s[79] guess s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] s[78] s[79] s[74] calc_s[23] s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[100] calc_s[100] s[68] calc_s[10] s[85] calc_s[85] s[79] s[74] calc_s[25] - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[74] calc_s[4] - s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[74] calc_s[4] - s[103] guess s[63] **145 s[79] **147 s[78] **148 - s[63] guess s[79] **143 s[78] **144 s[76] calc_s[28] s[78] **142 - s[79] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[78] s[79] s[63] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[79] s[63] s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] s[64] calc_s[3] s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] - s[100] calc_s[100] s[68] calc_s[10] - s[85] calc_s[85] s[78] s[63] s[103] calc_s[16] s[65] calc_s[30] s[75] calc_s[103] s[64] calc_s[3] - s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[63] s[103] calc_s[23] - s[76] calc_s[28] s[78] **146 - s[79] guess - s[72] calc_s[31] - s[78] guess s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] - s[62] calc_s[2] s[78] s[79] s[103] calc_s[4] - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] - s[62] calc_s[2] s[79] s[103] calc_s[4] s[72] calc_s[31] - s[78] guess - s[65] calc_s[30] - s[75] calc_s[103] - s[64] calc_s[3] s[99] calc_s[99] s[77] calc_s[17] s[62] calc_s[2] s[78] s[103] calc_s[23] s[65] calc_s[30] s[75] calc_s[103] - s[64] calc_s[3] - s[99] calc_s[99] - s[77] calc_s[17] s[62] calc_s[2] - s[100] calc_s[100] - s[68] calc_s[10] - s[85] calc_s[85] - s[92] calc_s[92] - s[61] calc_s[18] s[93] calc_s[93] - s[104] calc_s[104] - s[83] calc_s[83] s[87] calc_s[87] s[96] calc_s[96] - s[102] calc_s[102] s[81] calc_s[81] s[97] calc_s[97] - s[90] calc_s[90] - s[98] calc_s[98] - s[82] calc_s[82] - s[88] calc_s[88] - s[84] calc_s[84] - s[101] calc_s[101] s[80] calc_s[80] - s[94] calc_s[94] - s[95] calc_s[95] s[89] calc_s[89] - s[91] calc_s[91] - s[86] calc_s[86] MODEL First conflict Solution Found Backtrack Guess until conflict Start 6
  • 7. CryptoMiniSat SAT solver that excels at cryptography General purpose: won SAT Race’10 0 1000 2000 3000 4000 5000 6000 80 100 120 140 160 180 200 220 240 Time(s) No. solved instances from SAT Comp’09 MiniSat 2.2 lingeling PrecoSat465 CryptoMiniSat SAT Comp’11 Collaborative: GPL, mailing list, regular releases 7
  • 8. Demo 1 Generate HiTag2 problem: Grain-of-Salt tool 2 Solve it using CryptoMiniSat 3 Analyse results: ≈ 2 days to break 8
  • 9. Conclusion SAT solvers are powerful tools to break weak cryptography CryptoMiniSat, a leading SAT solver, is waiting for your contribution Weak ciphers like HiTag2 should not be used in high-value applications 9