telegram-crawler/data/telegram.org/blog/cryptocontest.html
2021-08-12 22:01:24 +00:00

224 lines
15 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html class="">
<head>
<meta charset="utf-8">
<title>&#036;300,000 for Cracking Telegram Encryption</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta property="og:title" content="&#036;300,000 for Cracking Telegram Encryption">
<meta property="og:image" content="https://telegram.org/file/811140704/1/2Er4fG4UQLI/7ee52af54b98564554">
<meta property="og:site_name" content="Telegram">
<meta property="og:description" content="&#036;300,000 for cracking #Telegram encryption">
<meta name="twitter:card" content="summary_large_image" /><meta name="twitter:image" content="https://telegram.org/file/811140704/1/2Er4fG4UQLI/7ee52af54b98564554" />
<meta property="fb:app_id" content="254098051407226">
<meta property="vk:app_id" content="3782569">
<meta name="apple-itunes-app" content="app-id=686449807">
<meta name="telegram:channel" content="@telegram">
<link rel="canonical" href="https://telegram.org/blog/cryptocontest" />
<link rel="icon" type="image/svg+xml" href="/img/website_icon.svg?4">
<link rel="alternate icon" href="/favicon.ico?4" type="image/x-icon" />
<link href="/css/bootstrap.min.css?3" rel="stylesheet">
<link href="/css/telegram.css?212" rel="stylesheet" media="screen">
<style>
</style>
</head>
<body class="preload">
<div id="fb-root"></div>
<div class="tl_page_wrap">
<div class="tl_page_head navbar navbar-static-top navbar navbar-tg">
<div class="navbar-inner">
<div class="container clearfix">
<ul class="nav navbar-nav navbar-right"><li class="dropdown top_lang_select"><a class="dropdown-toggle" onclick="return dropdownClick(this, event)" href="#"><i class="dev_top_lang_icon"></i> <b class="minicaret"></b></a>
<ul class="dropdown-menu"><li class=""><a href="?setln=en">English</a></li><li class="long "><a href="?setln=id">Bahasa Indonesia</a></li><li class="long "><a href="?setln=ms">Bahasa Melayu</a></li><li class=""><a href="?setln=de">Deutsch</a></li><li class=""><a href="?setln=es">Español</a></li><li class=""><a href="?setln=fr">Français</a></li><li class=""><a href="?setln=it">Italiano</a></li><li class=""><a href="?setln=nl">Nederlands</a></li><li class=""><a href="?setln=uz">Ozbek</a></li><li class=""><a href="?setln=pl">Polski</a></li><li class="long "><a href="?setln=pt-br">Português (Brasil)</a></li><li class=""><a href="?setln=tr">Türkçe</a></li><li class=""><a href="?setln=be">Беларуская</a></li><li class=""><a href="?setln=ru">Русский</a></li><li class=""><a href="?setln=uk">Українська</a></li><li class=""><a href="?setln=ar">العربية</a></li><li class=""><a href="?setln=fa">فارسی</a></li><li class=""><a href="?setln=ko">한국어</a></li></ul></li><li class="navbar-twitter hidden-xs"><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)"><i class="icon icon-twitter"></i> Twitter</a></li></ul>
<ul class="nav navbar-nav">
<li class=""><a href="/">Home</a></li>
<li class=""><a href="/faq">FAQ</a></li>
<li class=""><a href="/apps">Apps</a></li>
<li class="hidden-xs "><a href="//core.telegram.org/api">API</a></li>
<li class="hidden-xs "><a href="//core.telegram.org/mtproto">Protocol</a></li>
</ul>
</div>
</div>
</div>
<div class="container clearfix tl_page_container ">
<div class="tl_page">
<div class="tl_contest_page_wrap">
<div class="tl_blog_side_blog"><div class="side_blog_wrap">
<div class="side_blog">
<a href="/blog" class="side_blog_header">Recent News</a>
<div class="side_blog_entries">
<a href="/blog/video-1000" class="side_blog_entry">
<div class="side_blog_date">Jul 30</div>
<div class="side_blog_title">Video Calls with up to 1000 Viewers, Video Playback Speed, Video Messages 2.0 and More</div>
</a><a href="/blog/group-video-calls" class="side_blog_entry">
<div class="side_blog_date">Jun 25</div>
<div class="side_blog_title">Group Video Calls</div>
</a><a href="/blog/animated-backgrounds" class="side_blog_entry">
<div class="side_blog_date">Jun 25</div>
<div class="side_blog_title"> Animated Backgrounds</div>
</a><a href="/blog/payments-2-0-scheduled-voice-chats" class="side_blog_entry">
<div class="side_blog_date">Apr 26</div>
<div class="side_blog_title">Payments 2.0, Scheduled Voice Chats, New Web Versions</div>
</a><a href="/blog/voice-chats-on-steroids" class="side_blog_entry">
<div class="side_blog_date">Mar 19</div>
<div class="side_blog_title">Voice Chats 2.0: Channels, Millions of Listeners, Recorded Chats, Admin Tools</div>
</a><a href="/blog/autodelete-inv2" class="side_blog_entry">
<div class="side_blog_date">Feb 23</div>
<div class="side_blog_title">Auto-Delete, Widgets and Expiring Invite Links</div>
</a><a href="/blog/move-history" class="side_blog_entry">
<div class="side_blog_date">Jan 28</div>
<div class="side_blog_title">Moving Chat History from Other Apps</div>
</a>
</div>
</div>
</div></div>
<div id="dev_page_content_wrap" class=" ">
<div class="dev_page_bread_crumbs"></div>
<h1 id="dev_page_title">&#036;300,000 for Cracking Telegram Encryption</h1>
<div id="dev_page_content"><div class="blog_side_image_wrap">
<img src="/file/811140704/1/2Er4fG4UQLI/7ee52af54b98564554" class="blog_side_image"/>
</div>
<blockquote>
<p>This contest is <a href="https://telegram.org/blog/cryptocontest-ends">over</a>, but Telegram&#39;s <strong>bug bounty program</strong> is always open.</p>
<p><strong>Security researchers</strong> are welcome to submit any issues they find in the Telegram <strong>apps</strong> or <strong>protocol</strong> to us at <strong>security@telegram.org</strong>. All submissions which result in a change of code or configuration are eligible for bounties, ranging from <strong>$500</strong> to <a href="https://telegram.org/blog/crowdsourcing-a-more-secure-future"><strong>$100,000</strong></a> or more, depending on the severity of the issue.</p>
</blockquote>
<p>Earlier this year we had a <a href="/blog/winter-contest-ends">contest</a> to decipher intercepted Telegram messages, that did not produce a winner. Today we announce a new contest with an easier task and a larger prize — <strong>$300,000</strong> for cracking <a href="https://core.telegram.org/api/end-to-end">Telegram&#39;s encryption</a>, and this time contestants can not only monitor traffic, but also act as the Telegram server and use active attacks, which vastly increases their capabilities.</p>
<p>In this contest you assume the role of a malicious entity in full control of both the communication lines and the Telegram servers themselves.</p>
<blockquote>
<p><strong>UPD</strong> The current round of the contest is over. <a href="https://telegram.org/blog/cryptocontest-ends"><strong>Go to results »</strong></a></p>
</blockquote>
<p>Your goal is to extract sensitive data (a secret email address) from a Secret Chat between two users — Nick and Paul. You control the entire process, from chat creation to the sending of each individual message and can perform various active attacks, including MITM, KPA, CPA, replay attacks, etc.</p>
<h4><a class="anchor" name="contest-interface" href="#contest-interface"><i class="anchor-icon"></i></a>Contest Interface</h4>
<p>In order to facilitate the task, we have created an interface, using which you can act as the server and determine which side gets what data. For more details, please check out the <strong><a href="https://core.telegram.org/contest300K">Cracking Contest Description</a></strong>.</p>
<h4><a class="anchor" name="objectives" href="#objectives"><i class="anchor-icon"></i></a>Objectives</h4>
<p>In order to confirm that Telegram crypto was indeed cracked and claim your <strong>$300,000</strong>, youll need to send an email to the secret email address that youve extracted from one of the messages exchanged by Paul and Nick.</p>
<p>Your email must contain:<br>- The entire text of the message that contained the secret email.<br>- Session logs for the successful attempt with your user_id.<br>- A detailed explanation of the attack on the protocol.<br>- Your bank account details to receive the $300,000 prize.</p>
<p>There is also a bonus objective with an independent prize of <strong>$100,000</strong>.<br><a href="https://core.telegram.org/contest300K#bonus-objective">See full description for details »</a></p>
<h4><a class="anchor" name="end-date" href="#end-date"><i class="anchor-icon"></i></a>End Date</h4>
<p>To prove that the competition was fair, we will add a command that returns the keys used for encryption as soon as a winner is announced. In case there is no winner by February 4, 2015, decryption commands will be added at that date.</p>
<div>
<a href="/file/811140570/1/HuWOtUZqH3Y/ae540ee4fe9e565761" target="_blank"><img src="/file/811140509/1/w7ub14yjRmE/857f9fc6bf21c49411" title="Click for print quality image" class="dev_page_image" /></a><br>
</div>
<p><em>November 4, 2014<br>The Telegram Team</em></p>
</div>
</div>
<div class="tl_main_share clearfix">
<a href="https://t.me/share/url?url=https%3A%2F%2Ftelegram.org%2Fblog%2Fcryptocontest&text=%24300%2C000%20for%20cracking%20%23Telegram%20encryption" class="tl_telegram_share_btn" id="tl_telegram_share_btn" data-text="&#036;300,000 for cracking #Telegram encryption" data-url="https://telegram.org/blog/cryptocontest"><i class="tl_telegram_share_icon"></i><span class="tl_telegram_share_label" target="_blank">Forward</span></a>
<a href="https://twitter.com/share" class="tl_twitter_share_btn" id="tl_twitter_share_btn" data-text="&#036;300,000 for cracking #Telegram encryption" data-url="https://telegram.org/blog/cryptocontest" data-via="Telegram">Tweet <span class="tl_twitter_share_cnt"></span></a>
</div>
</div>
<div class="tl_main_recent_news_wrap tlb_other_news_wrap tl_blog_list_page_wrap">
<h3 class="tl_main_recent_news_header">
<a href="/blog">Other News</a>
</h3>
<div class="tl_main_recent_news_cards clearfix">
<a class="dev_blog_card_link_wrap" href="/blog/video-1000"><div class="dev_blog_card_wrap">
<img class="dev_blog_card_image" src="https://telegram.org/file/464001574/3/Pqda66P2qCA.71942/56366f0bdd3630cab8" />
<div class="dev_blog_card_alltext_wrap">
<h4 class="dev_blog_card_title">Video Calls with up to 1000 Viewers, Video Messages 2.0, Video Playback Speed and More</h4>
<div class="dev_blog_card_lead">This update takes video to the next level. Group video calls now have up to 1000 viewers,…</div>
</div>
<div class="dev_blog_card_date">Jul 30, 2021</div>
</div></a><a class="dev_blog_card_link_wrap" href="/blog/group-video-calls"><div class="dev_blog_card_wrap">
<img class="dev_blog_card_image" src="https://telegram.org/file/464001231/2/Q0OFpRBNruI.71986/42d2a05bd0d1bd091b" />
<div class="dev_blog_card_alltext_wrap">
<h4 class="dev_blog_card_title">Group Video Calls</h4>
<div class="dev_blog_card_lead">Today&#39;s update lets you turn on your camera or share your screen during Voice Chats in groups on all devices, including tablets and desktops. This brings voice chats to a whole new…</div>
</div>
<div class="dev_blog_card_date">Jun 25, 2021</div>
</div></a><a class="dev_blog_card_link_wrap" href="/blog/animated-backgrounds"><div class="dev_blog_card_wrap">
<img class="dev_blog_card_image" src="https://telegram.org/file/464001689/5/LAdUj8JXG_c.61616/b196801953bc54ecd5" />
<div class="dev_blog_card_alltext_wrap">
<h4 class="dev_blog_card_title"> Animated Backgrounds</h4>
<div class="dev_blog_card_lead">In addition to Group Video Calls, this update adds animated backgrounds and message sending animations, as well as a new menu button for bots, new ways to import stickers, reminders…</div>
</div>
<div class="dev_blog_card_date">Jun 25, 2021</div>
</div></a><a class="dev_blog_card_link_wrap" href="/blog/payments-2-0-scheduled-voice-chats"><div class="dev_blog_card_wrap">
<img class="dev_blog_card_image" src="https://telegram.org/file/464001783/2/6Is-qGJkgX4.92603/d4d7fe3e0fc14ff3ba" />
<div class="dev_blog_card_alltext_wrap">
<h4 class="dev_blog_card_title">Payments 2.0, Scheduled Voice Chats, New Web Versions</h4>
<div class="dev_blog_card_lead">This update brings Payments 2.0 for all Telegram chats, Scheduling and Mini Profiles for Voice Chats, new versions of Telegram Web for…</div>
</div>
<div class="dev_blog_card_date">Apr 26, 2021</div>
</div></a>
</div>
</div>
</div>
</div>
</div>
<div class="footer_wrap">
<div class="footer_columns_wrap footer_desktop">
<div class="footer_column footer_column_telegram">
<h5>Telegram</h5>
<div class="footer_telegram_description"></div>
Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.
</div>
<div class="footer_column">
<h5><a href="/faq">About</a></h5>
<ul>
<li><a href="/faq">FAQ</a></li>
<li><a href="/blog">Blog</a></li>
<li><a href="/jobs">Jobs</a></li>
</ul>
</div>
<div class="footer_column">
<h5><a href="/apps#mobile-apps">Mobile Apps</a></h5>
<ul>
<li><a href="/dl/ios">iPhone/iPad</a></li>
<li><a href="/dl/android">Android</a></li>
<li><a href="/dl/wp">Windows Phone</a></li>
</ul>
</div>
<div class="footer_column">
<h5><a href="/apps#desktop-apps">Desktop Apps</a></h5>
<ul>
<li><a href="//desktop.telegram.org/">PC/Mac/Linux</a></li>
<li><a href="//macos.telegram.org/">macOS</a></li>
<li><a href="/dl/web">Web-browser</a></li>
</ul>
</div>
<div class="footer_column footer_column_platform">
<h5><a href="//core.telegram.org/">Platform</a></h5>
<ul>
<li><a href="//core.telegram.org/api">API</a></li>
<li><a href="//translations.telegram.org/">Translations</a></li>
<li><a href="//instantview.telegram.org/">Instant View</a></li>
</ul>
</div>
</div>
<div class="footer_columns_wrap footer_mobile">
<div class="footer_column">
<h5><a href="/faq">About</a></h5>
</div>
<div class="footer_column">
<h5><a href="/blog">Blog</a></h5>
</div>
<div class="footer_column">
<h5><a href="/apps">Apps</a></h5>
</div>
<div class="footer_column">
<h5><a href="//core.telegram.org/">Platform</a></h5>
</div>
<div class="footer_column">
<h5><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)">Twitter</a></h5>
</div>
</div>
</div>
<script src="/js/main.js?42"></script>
<script>initScrollVideos(true);
twitterCustomShareInit();
blogSideImageInit();
backToTopInit("Go up");
removePreloadInit();
</script>
</body>
</html>