Kudelski Security Black Hat Crypto Challenge 2018

Welcome to the 2018 Kudelski Security Black Hat Crypto Challenge. Test your skills and win some hardware wallets along with some cryptocurrency. Building on the success of last year’s challenge, we decided to do 3 different challenges this year. Each level increases in difficulty. Not an expert, why not try it out anyway? Having multiple levels allows even more people to get involved. Even if you don’t solve all 3, you still have an opportunity to participate and have some fun.

Winners can claim your prize at the Kudelski Bash party at the Foundation Room Lounge in Mandalay Bay Tuesday, August 7th between (6-9pm).

Directions for the challenges are located at https://github.com/kudelskisecurity/cryptochallenge18/

We have five Ledger Nano S hardware wallets with approximately $100 USD in ETH for you to win. The first 5 people to complete all 3 challenges will receive a prize.

In the event 5 people aren’t able to solve all 3 challenges, the remaining prizes will go to the first runners-up able to solve 2 of 3. The ranking is established at the time of your correct submission of the flag to the email address provided.

Visit the landing page and follow the directions for each level. After receiving the correct flag, send an email to cryptochallenge@kudelskisecurity.com. The subject line should contain the response for each corresponding challenge solved. The following subject lines should be used.

  • Challenge 1 Completed
  • Challenge 2 Completed
  • Challenge 3 Completed

We recommend you encrypt your messages, using the following public key.

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFszjFEBCAC3xFJpb4/zJ9y0VxtKgkBcb0Qiow1xhLN+8dQNH08pUrULDjXu
9XNM/ejDFMEHHDMAYG4xnQB/tXaHjiX4+OeUKAp8IOhMQhgzRi/ceZWYEcSBVeTw
7juUoSuI1ixKLLSdrr+amNtHwpP1hCa7JgMWTf+Brq1PZ2f+5sJ8mSzeIpC9ak6k
t88QfNhXKBvEm5lmoT0jIn3np906M6t6b5rcTPtembEhGfHb9vmzKGvPM13IRhDy
w2S2wn1doPCYlNLJtlVw9Iidt8pQ5zJDpnXaxfnsc3zSjYbJvG5NIkLSXzbqavEK
TnG4OY2dor+nk9yuwMWQRv/18LkeydFabB0LABEBAAG0SEt1ZGVsc2tpIFNlY3Vy
aXR5IENyeXB0b2NoYWxsZW5nZSA8Y3J5cHRvY2hhbGxlbmdlQGt1ZGVsc2tpc2Vj
dXJpdHkuY29tPokBPQQTAQgAJwIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUC
WzXr/AUJAEL5KwAKCRDZeM53RBdstkpLB/0aPa44QxNPaY8W/INgRMs3MRDNM+7Q
vBYoqOr9IeDilpqUCGnnw+UiZHuJXzgW66Dh/Fn2IJYHzDOY0SzXcPwCnVfRoqtU
+5UK6cXY83Y+Si45feJ7k17I2p9EllkTC5czwStFjEW0REbQeN6g31ZkHEiebiYU
izO33UivbSiFKiNDUM/iiJ0HHT6rogVtWkM5bUDeVf9wyQAqUKUaZt1SoX4jkDcw
+CRA8261g3J6tkAKHnDHwK0Zv+NcaGV7RLi0Rl0gIue8t3ZDjKy09wwgoFjlqJG6
6kP0kw5dL5Tp1PLS/ECzaBAb+OEx6YW2cfWbw6KQKXpvbIh04+U18cbhuQENBFsz
jFEBCADaR5wHUVOtzwzOoTp1X5dsvojnG6/9UIn+Z/+5tJFZkxLs0CkBMPtEjR//
39n5jqRi6/iTcVNE+5UvJKny8Z/U8EN1ClcmlDqtwSI+7uqdxvFaSyqUhHy5ihnh
QC4W+n8/eCVWI07t8nDjad4Fd+rhdcSw8CW2FZkhxAA4iiL38MTzaydIhvJzAix4
x8AFh0vSNPUaaRjJoTt+sb9COrCuOyHYncHZV3w20gTNCSIXHiEBVrWIFwCYoaMZ
ThUbz5f0tMlS/lkXPIWc1CLFJs2ZbRAT6u840yV2dJ8zmHdQMC8kb3sRUKQfPkON
ayZAhIkxj0adeaUgGzd/UeZfzW0HABEBAAGJASUEGAEIAA8CGwwFAls17BwFCQBC
+UsACgkQ2XjOd0QXbLaM8ggAnjD0ROpTas/2tN1/q2RXKALGCAbhcg7pL9FP8Kcl
7BuVZQ7qndcutKuN5ppJz96Xf+W0feNRY8+qTAOVayImpzfA1NjQQBOx+MNvJWOT
E91CK/mEWVticTH5ercb8NwYnCF8+ZdKWn4hnfzfVoKcVOmJuAptfbzLoHhmhrpA
7UAt1MxPs1frh9RTcwn6yehvTxv7rVeURQsE8SK0L3JSqZ4AsNjGlD3RtBhrOKIG
dw/Yb38zHjx/+t5HsOJZhaZPtbWRUI6HaJ3ero5vqw//iPDE0Xw2o5/PV8892AT3
Jzw3VA+2z2MSUhb6U8egYE9uNOwqRBlUBDLR5DjsC2UNKg==
=L/Hh
-----END PGP PUBLIC KEY BLOCK-----

Terms and conditions for this contest are listed here.

Good luck. We look forward to seeing you in Vegas.

Hints

Hint 1: The challenges are based on fault attacks and the fault occurs automatically on the server.

Hint 2: The binaries are provided to help you figure out what algorithms are used by the server.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s