Nothing up my sleeve, but your password.

Solo project
Apache 2.0 license

Challenge: Password hashing / Backdoor

Description: This project inserts a backdoor into a password-based auth protocol / password hash by backdooring a "nothing up my sleeve number." The protocol uses what appears to be a random number as the modulus for an exponentiation step that protects the secret, but the modulus is actually a number with a known prime factorization.

The modulus was generated by an LCG (linear congruential generator), a popular non-cryptographic PRNG, using a (truncated) SHA-1 hash of my name, the names of several of the judges, and a few words related to Defcon as the seed. The other constants in the PRNG were reverse engineered from the preselected output and seed.

An attacker who knows the factorization of the modulus can learn a user's password just by monitoring their traffic, without interacting with the user or the server directly.

Generating this backdoor is computationally equivalent to factoring a number about the size of the p or q used in the modulus. Unfortunately my netbook wasn't up to much, and because of time constraints the given examples are smallish, but they can be improved with more time and hardware.
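An auditor's view of the derivation described above, as an added example that is not the project's code: when the LCG constants are free, one increment can be solved for any seed and any chosen output, so reproducing the modulus from the seed proves nothing, while a primality test still flags the composite modulus. The seed phrase, multiplier, 8-byte truncation, modulus value and all function names are constructed assumptions.

```python
import hashlib

def lcg_step(state, a, c, m):
    """One step of a linear congruential generator: (a*state + c) mod m."""
    return (a * state + c) % m

def fit_increment(seed, target, a, m):
    """The single increment c for which one LCG step maps seed to target."""
    return (target - a * seed) % m

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin; these bases are deterministic for n below 3.3e24."""
    if n < 2:
        return False
    for p in bases:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def audit_constant(seed_text, a, c, m, claimed):
    """Return (reproducible_from_seed, is_prime) for a claimed modulus."""
    seed = int.from_bytes(hashlib.sha1(seed_text.encode()).digest()[:8], "big")
    return lcg_step(seed, a, c, m) == claimed, is_probable_prime(claimed)

# Constructed sample values, not taken from the project.
M = 2**64
A = 6364136223846793005            # Knuth's MMIX 64-bit LCG multiplier
SEED_TEXT = "constructed seed phrase"
TARGET = 4294967291 * 4294967279   # product of two primes below 2**32
SEED = int.from_bytes(hashlib.sha1(SEED_TEXT.encode()).digest()[:8], "big")
C = fit_increment(SEED, TARGET, A, M)
```

`audit_constant(SEED_TEXT, A, C, M, TARGET)` returns `(True, False)`: the constant reproduces from its seed and is still composite. Any other seed phrase gives the same result once its own increment is fitted.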