Last year before Black Hat we organized a crypto challenge and gave out 10 ETH to the winners. The goal of the challenge was to forge (post-quantum hash-based) signatures given access to a remote service running signature and verification binaries, and given the said binaries. These are still available at https://github.com/kudelskisecurity/cryptochallenge17, but the services are now down.
Today we release the source code of these applications as well as a basic solver script, as well as the private key and our notes. As you’ll see, the signature scheme was relatively weak in the sense that it accepted requests to sign an arbitrary number of messages with the same key, whereas this type of algorithm (“few-time signature”) can only be secure if the number of signatures issued is bounded—see for example our PRUNE-HORST design.
The hardest part of the challenge was probably to reverse engineer the binaries, but again we made participants’ lives easier by releasing unoptimized binaries including all symbols.
If you had missed our challenge this year, hope you’ll find this inspiring and motivating to look into post-quantum crypto signatures!
Kudelski Security Research 