33
5
In the spirit of the Underhanded C Contest, I'm starting an Underhanded Code Contest. The objective of this contest is to straightforwardly implement some code, while subtly hiding a nefarious bug inside it.
The contest
You are a secret Russian mole working in the IT department of an American spy agency. Your American boss has just asked you to implement a password hashing algorithm to use for encrypting secret messages.
Your boss wants you to implement the following function:
f: String -> byte[16]
which converts a password to a 16-byte quantity suitable for use as an AES key. Your boss wants a secure function, which in this context means that different password strings should generate different results with overwhelming probability. For instance, returning the md5 hash of the input would be a simple implementation of f
.
Of course, your real boss in the Russian spy agency would want you to subvert this process. Your task is to implement f
such that the Russians can decrypt all the secret messages encrypted using keys returned by f
.
To do so, you must implement f
so that it returns only a small subset of the 2^128 possible outputs. In particular, your f
must return at most 2^16 different results so that the Russians can do an easy brute-force search for the correct key for each encrypted message they wish to decrypt.
Keep in mind, however, that espionage carries the death penalty. In order not to get caught, your function f
must generate at least 2^8 different results, so that a cursory inspection of a few outputs of f
is unlikely to reveal a duplicate. And most importantly, the code you introduce to limit the range of f
must look unintentional, not deliberate. If you ever get hauled into a courtroom, there must be some reasonable doubt as to whether you introduced the bug deliberately or by accident.
Judging
I and two others I recruit will judge the entries (email me if you'd like to judge). I'm offering a 200 reputation bounty for the winning entry. Submissions must be uploaded by May 1.
Judging will take into account the following criteria:
- Does
f
adhere to the spec, i.e. does it generate between 2^8 and 2^16 possible outputs. Don't feel that these are hard limits, but we'll deduct points if you're too far out of range. - Is the bug plausibly the result of an unintentional mistake?
- Do the outputs of
f
look random? - The shorter your implementation of
f
, the better. - The clearer your implementation of
f
, the better.
Notes
You may use any language to implement your code. You're trying to hide a bug in plain sight, so obfuscated code is not suggested.
You might want to take a look at some of the previous Underhanded C contest winners to get a feel for what makes a good submission.
Input strings will be printable ascii (32 through 126, inclusive). You may assume a reasonable max length if you want.
1is there any limitations on input string? like it's only consist of alphabet? – Ali1S232 – 2012-03-29T15:49:13.050
@Gajet: you must handle all of the printable ascii characters (32 through 126, inclusive). – Keith Randall – 2012-03-29T18:42:12.483
Is the output range all 16-byte strings, or just printable ones? – boothby – 2012-03-29T20:01:48.537
@boothby: all possible 16-byte values (2^128 possibilities) – Keith Randall – 2012-03-29T20:10:51.000
What's the closing date? – Peter Taylor – 2012-03-29T20:20:12.460
There is no limit to the length of the input strings? – ceased to turn counterclockwis – 2012-03-29T20:21:07.933
@Peter, let's say May 1. – Keith Randall – 2012-03-29T21:59:39.113
@leftaroundabout: Not as part of the spec. Feel free to assume a reasonable limit if you want to. – Keith Randall – 2012-03-29T22:01:04.323
Continuing @leftaroundabout's question - isn't there an advantage for short, simple programs? The underhanded C competition encourages simple programs, where you clearly see there's no bug (although there is) over complicated ones, where the bug is hidden in the complexity. – ugoren – 2012-03-30T08:31:44.660
I wish I was good enough to even try this. :-) – Gaffi – 2012-03-31T05:30:35.953
Should my description (or comments) include the flaw, or is it better to leave it to each one to figure out? – ugoren – 2012-04-01T12:47:24.337
@ugoren: you don't need to include a description of the flaw. Maybe just a hint. – Keith Randall – 2012-04-04T04:16:59.993
Looks like I started the bounty too soon and had to award it or lose it. I picked the entry I liked best so far, but I'll put up another 200 at the end (May 1) for the final judging. – Keith Randall – 2012-04-07T05:23:10.927
Shouldn't there also have been a jury to judge the entries? – mbomb007 – 2015-05-04T16:35:23.570
@mbomb007: yes, but no one volunteered. – Keith Randall – 2015-05-04T20:06:44.397
1
I'm voting to close this question as off-topic because underhanded challenges are no longer on-topic on this site. http://meta.codegolf.stackexchange.com/a/8326/20469
– cat – 2016-04-18T12:41:35.440