Another Raspberry Pi hacking challenge announced, with a $20,000 reward for the first person who cracks it
Table of Contents
The Raspberry Pi team is back with another hacking challenge with a huge cash prize. Following the success of their first contest in 2024, which drew plenty of attention from both experts and enthusiasts, the second Raspberry Pi RP2350 Hacking Challenge has officially been announced. The top prize for the winner? A huge $20,000 USD. Just like the last one (after the prize was doubled because no one could manage it).
This year’s challenge focuses on the encrypted boot of the Raspberry Pi RP2350, which uses a new feature allowing customers to encrypt their application code and data when stored in external flash. Once loaded into internal SRAM, the code is decrypted using the Raspberry Pi’s AES software library. The encryption keys and additional security data are tucked away in the device’s one-time programmable memory (OTP).
The task for participants is to find a way to extract AES key material using any form of side-channel analysis, such as monitoring power usage, electromagnetic emissions, or even timing differences. If successful, the attack should reduce the effective key length enough to make decrypting the payload possible.
The Raspberry Pi team has said they’ve added multiple layers of “hardening” to the AES implementation, making it tougher than before. But as they jokingly put it, they’re challenging the community to “prove us wrong (again).” Unlike the previous event, this time it’s a “first across the line” competition. That means only the very first individual or team to successfully complete the challenge will claim the 20K prize.
How to get started
Raspberry Pi has shared example code and tools on the official GitHub page to help participants get started. This includes a complete example of their AES implementation, along with instructions and a key tool for measurements and testing. In this version, some fault-injection checks have been removed to make experiments easier, though successful attacks should still work against the actual bootloader code.
Deals season is here folks, and with it comes a plethora of eye-catching price cuts on some of the industry's most popular tech. Below are some of the best deals you can find right now.
- AMD Ryzen 7 9800X3D Was $479/span> Now $454
- ASUS TUF RTX 5070 Ti Was $999 Now $849
- Samsung Odyssey OLED G6 Was $899 Now $649
- LG G5 65" OLED TV Was $2,996 Now $1,996
- Samsung Odyssey G9 (G95C) Was $1,299 Now $777
- Alienware Area-51 gaming laptop Was $3,499 Now $2,799
- Samsung 77-inch OLED S95F Was $4,297 Now $3,497
*Prices and savings subject to change. Click through to get the current prices.
Anyone interested can dive into the resources and, if they think they’re onto something, reach out early to Raspberry Pi through their provided email.
About the Author