skip to main content
Department of Computer Science University of Colorado Boulder
cu: home | engineering | mycuinfo | about | cu a-z | search cu | contact cu cs: about | calendar | directory | catalog | schedules | mobile | contact cs
home · the department · news · 
 

Internet Chess Club Security Flaws Uncovered

 

September 2004

John Black photo
Black

A team led by John Black, working with graduate student Martin Cochran and undergraduate Ryan Gardner, spent part of the summer conducting a security analysis of a popular online chess club called The Internet Chess Club. The ICC boasts over 30,000 members, including many of the world's top chess players.

The team uncovered several security flaws related to how time is measured per player and how encryption works between client and server. Problems were described at each level of the security protocol from the blockcipher to the key exchange mechanism. The research identified methods for improving the site's security in a variety of ways and also led to questions ripe for further research.

The project was partly sponsored by an NSF REU cybersecurity grant which allows undergraduates from around the country to come to Boulder for a summer to gain exposure to research in computer and network security. This summer six students from around the U.S. worked with six Computer Science faculty on various security projects. Summer 2005 will be the final year for this activity.

 
See also:
Department of Computer Science
College of Engineering and Applied Science
University of Colorado Boulder
Boulder, CO 80309-0430 USA
Questions/Comments?
Send email to

Engineering Center Office Tower
ECOT 717
+1-303-492-7514
FAX +1-303-492-2844
XHTML 1.0/CSS2 ©2012 Regents of the University of Colorado
Privacy · Legal · Trademarks
May 5, 2012 (13:46)
 
.