My Challenges
I love to make creative and unique challenges that push the players to really think about and investigate potential vulnerabilities, instead of pulling a ready-made exploit from GitHub.
I usually divide my challenges into one of three categories:
-
TOY challenges are all about analysing and exploiting vulnerabilities in toy cryptographic primitives I make myself. The players will attack these primitives directly. This will test a player’s cryptographic knowledge and their ability to cryptanalyse using the provided source code.
-
IMP challenges are all about exploiting flaws in the implementation of secure cryptographic primitives. The players will attack the security of these primitives by abusing their flawed implementation. This will test a player’s knowledge on the limitations of the used primitives and their ability to exploit these limitations.
-
PZL challenges are somewhat looser challenges that challenge the player’s math, logic, and problem solving skills.
In need of Crypto challenges for your CTF? Get in touch!
Overview of Published Challenges
UMASS CTF 2023 [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
Wrath of the Sweating Buddha | Crypto | Sweating Buddha | TOY | Paillier | 5 | 6 |
idekctf 2022* [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
Cleithrophobia | Crypto | 16-byte Nightmares | TOY | AES | 3 | 58 |
Megalophobia | Crypto | Remote Secure Armoury | IMP | RSA | 6 | 17 |
Psychophobia | Crypto | Prime Crimes | IMP | ECDSA | 8 | 11 |
BlackHat MEA CTF 2022 Finals [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
LWEKE | Crypto | … | IMP | LWE | 8 | ? |
Beastly Vault | Crypto | … | IMP | AES | 9 | ? |
Webbed* | Crypto | … | IMP | AES | 3 | ? |
ECPC | Crypto | … | TOY | ECDSA | 4 | ? |
Ursa Major | Crypto | Remote Secure Armoury | TOY | RSA | 5 | ? |
Bob went Shopping | Crypto | … | IMP | E2EE | 6 | ? |
BlackHat MEA CTF 2022 Qualifiers [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
Ursa Minor | Crypto | Remote Secure Armoury | TOY | RSA | 2 | ? |
Nothing Up My S-box | Crypto | … | TOY | SPN | 5 | ? |
n00bzCTF 2022 [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
RSA-OOPS | Crypto | Remote Secure Armoury | TOY | RSA | 4 | ? |
Hadis Paide | Crypto | Prime Crimes | IMP | Paillier | 2 | ? |
HackPack CTF 2022 [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
Repeating Offense | Crypto | Prime Crimes | IMP | RSA + Paillier | 4 | 20 |
P(ai)^3 | Crypto | Painful Paillier | TOY | Paillier | 6 | 15 |
UMassCTF 2022 [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
FastCrypt | Crypto | Mind your Flanks | IMP | Sub-perm | 7 | 24 |
MTRSASS | Crypto | Remote Secure Armoury | TOY | MSS + RSA | 6 | 6 |
Tomb of Tutanflagun | Crypto | Mountain Cipher | TOY | Hill Cipher | 8 | 3 |
HatMash | Crypto | Matrix Mania | TOY | Hash | 4 | 1 |
Order of the Eight Apollonii | Crypto | Circles of Eight | TOY | Geometric SSS | 5 | 1 |
K3RN3LCTF 2021 [CTFtime]
Challenge | Category | Framework | Type | Primitive | Diff | Solves |
---|---|---|---|---|---|---|
Twizzty Buzzinezz | Crypto | Honeycomb | TOY | XOR | 1 | 116 |
1-800-758-6237 | Crypto | 16-byte Nightmares | IMP | AES-CTR | 2 | 28 |
Non-Square Freedom 1 | Crypto | Prime Crimes | TOY | RSA | 1 | 21 |
WannaSwirl (Co-Author) | Rev | WannaSwirl | REV | Malware | 7 | 19* |
Non-Square Freedom 2 | Crypto | Prime Crimes | TOY | RSA | 4 | 11 |
Poly-Proof | Crypto | Zero-Effort-Proof | TOY | PCS | 2 | 11 |
Poly Expo go BRRRRR | Crypto | Prime Crimes | TOY | RSA | 3 | 9 |
Tick Tock | Crypto | Erratic Elliptics | TOY | Group Theory | 6 | 6 |
3Dangerous Commute | Misc | Hyperspatial Engineering | PZL | Maze | 5 | 5 |
Cozzmic Dizzcovery | Crypto | Honeycomb | PZL | XOR | 4 | 3 |
HADIOR | Crypto | Spinning my Web | TOY | DSA | 9 | 3* |
lightningrod | Rev | Superweapons | REV | XOR | 4 | 3 |
Beecryption | Crypto | Honeycomb | TOY | Affine | 7 | 2 |
Game of Secrets | Crypto | Cellular Mania | TOY | Game of Life | 8 | 2 |
Objection! | Crypto | Prime Crimes | IMP | DSA | 6 | 2 |
Ain’t no Mountain High Enough | Crypto | Mountain Cipher | TOY | Hill Cipher | 5 | 1 |
Mowhock | Crypto | Submit to Chaos | TOY | Logistic Map | 8 | 0 |
Shrine of the Sweating Buddha | Crypto | Sweating Buddha | TOY | Paillier | 8 | 0 |
Total Encryption | Crypto | Remote Secure Armoury | IMP | RSA | 9 | 0 |
WannaSwirl Fixed (Co-Author) | Rev | WannaSwirl | REV | Malware | 7 | 0 |
And more, just waiting to be published ~ !
Recent Posts
-
idek CTF 2022* - Psychophobia
Cryptography – 495 points (11 solves) – Chall author: Polymero (me)
“WANTED: CRYPTO PSYCHIC FOR SINGLE TIME HIRE! (URGENT)
My signatures are all broken and I need somebody to magically fix them ASAP!” -
UMassCTF 2022 - HatMash
Cryptography – 500 pts (1 solve) – Chall author: Polymero (me)
What do you mean “We think you spend too much time with matrices.”? It’s just a hash function, jeez…
-
HackPack CTF 2022 - Repeating Offense
Cryptography – 443 pts (20 solves) – Chall author: Polymero (me)
One-time oracles using RSA or Paillier are not a great idea due to those slippery mathemagicians… I would like to see them slip their way through RSA AND Paillier! After all, you cannot rob two banks at the same time. … What?
-
HackPack CTF 2022 - P(ai)^3
Cryptography – 469 pts (15 solves) – Chall author: Polymero (me)
Pai-ai-ai… My Paillier scheme seems to be broken and I stored my favourite flag in it. Please help me get it back, will you? Who could have guessed this would ever happen? … Me… I- I wrote it… yeah.
-
K3RN3LCTF 2021 - Total Encryption
Cryptography – 500 pts (0 solves) – Chall author: Polymero (me)
“To store our most embarrassing secrets, we created a Remote Secure Armoury protected by layered RSA encryption with XOR blinding. Never again will my friends be able to mock me for my use of words!”
-
K3RN3LCTF 2021 - Tick Tock
Cryptography – 496 pts (6 solves) – Chall author: Polymero (me)
“I chopped up my flag and hid it behind this simple key exchange. Try dlogging your way in if you are brave enough!”
-
K3RN3LCTF 2021 - Shrine of the Sweating Buddha
Cryptography – 500 pts (0 solves) – Chall author: Polymero (me)
“Welcome to the Shrine of the Sweating Buddha. Share the burden of your worries, my child ~~~.”
Hint: share some (7) of your worries and perhaps your fortune will guide you to the flag.
-
K3RN3LCTF 2021 - HADIOR
Cryptography – 499 pts (3 solves) – Chall author: Polymero (me)
“HADIOR will hold the DOOR.”
-
K3RN3LCTF 2021 - Game of Secrets
Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)
“John wants to play a game, a game of secrets. Recover his secret or be encrypted.”
-
K3RN3LCTF 2021 - lightningrod
Reverse Engineering – 499 pts (3 solves) – Chall author: Polymero (me)
“Warning: Weather Control Device detected! ZAP ZAP [insert conscript_death.mp3 here]”
“Note: there is a typo in the flag, sorry >m<.”
-
K3RN3LCTF 2021 - Poly-Proof
Cryptography – 490 pts (11 solves) – Chall author: Polymero (me)
They asked me to set up a zero-knowledge proof that runs in polynomial time. I don’t know what that means but I assume they want me to use polynomials, right?
-
K3RN3LCTF 2021 - Poly Expo go BRRRRR
Cryptography – 494 pts (9 solves) – Chall author: Polymero (me)
“I’m going to say this again: I did not have sexual relations with that polynomial, Miss Polinsky.”
-
K3RN3LCTF 2021 - Beecryption
Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)
I was watching the bees and it seemed as if they were trying to tell me something… Have I finally gone crazy?!?
-
K3RN3LCTF 2021 - Twizzty Buzzinezz
Cryptography – 100 pts (116 solves) – Chall author: Polymero (me)
“Some bees convinced me to invest in their new cryptosystem. They zzzaid their new XOR keyzztream would revolutionizzze the crypto market. However, they quickly buzzed away so all I have is this weird flyer they dropped. Luckily it has some source code on the back.”
“Have I just really been scammed by some bees??” -
K3RN3LCTF 2021 - Objection!
Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)
“Looks like Harry is hoarding his flags again… Maybe he will stop if we can convince him both Alice and Carlo dislike hoarding too. Alice and Carlo, being stereotypical CTF admins, are not responding to your complaints. Guess you will just have to answer for them… Luckily, I managed to secure you a channel to the domain controller of the CTF server.”
-
K3RN3LCTF 2021 - Non-Square Freedom (1 and 2)
Cryptography – 465 pts (21 solves) and 490 pts (11 solves) – Chall author: Polymero (me)
“What can I say, I just like squares.”
-
K3RN3LCTF 2021 - Cozzmic Dizzcovery
Cryptography – 499 pts (3 solves) – Chall author: Polymero (me)
“See that comb over there? It came from that meteorite I mentioned yesterday. Take a look at this, if I send bytes in, different bytes come out! Then there’s this button that seems to just produce random bytes… I’m absolutely stumped :S”
-
K3RN3LCTF 2021 - Ain't no Mountain High Enough
Cryptography – 500 pts (1 solve) – Chall author: Polymero (me)
“Hills are easy to climb, but mountains? Hoho, they sure are something else!”
-
K3RN3LCTF 2021 - 1-800-758-6237
Cryptography – 437 pts (28 solves) – Chall author: Polymero (me)
“I NEED A PLUMBER ASAP, MY FLAG IS LEAKING ALL OVER THE PLACE!!!”