My Challenges

I love to make creative and unique challenges that push the players to really think about and investigate potential vulnerabilities, instead of pulling a ready-made exploit from GitHub.

I usually divide my challenges into one of three categories:

  1. TOY challenges are all about analysing and exploiting vulnerabilities in toy cryptographic primitives I make myself. The players will attack these primitives directly. This will test a player’s cryptographic knowledge and their ability to cryptanalyse using the provided source code.

  2. IMP challenges are all about exploiting flaws in the implementation of secure cryptographic primitives. The players will attack the security of these primitives by abusing their flawed implementation. This will test a player’s knowledge on the limitations of the used primitives and their ability to exploit these limitations.

  3. PZL challenges are somewhat looser challenges that challenge the player’s math, logic, and problem solving skills.


In need of Crypto challenges for your CTF? Get in touch!



Overview of Published Challenges

Crypto

Challenge Framework Published Primitive Type Diff Solves
Twizzty Buzzinezz Honeycomb K3RN3LCTF 2021 XOR TOY 1 116
Non-Square Freedom 1 Prime Crimes K3RN3LCTF 2021 RSA TOY 1 21
1-800-758-6237 16-byte Nightmares K3RN3LCTF 2021 AES-CTR IMP 2 28
Poly-Proof Zero-Effort-Proof K3RN3LCTF 2021 PCS TOY 2 11
Poly Expo go BRRRRR Prime Crimes K3RN3LCTF 2021 RSA TOY 3 9
Cozzmic Dizzcovery Honeycomb K3RN3LCTF 2021 XOR PZL 4 3
Non-Square Freedom 2 Prime Crimes K3RN3LCTF 2021 RSA TOY 4 11
Ain’t no Mountain High Enough Mountain Cipher K3RN3LCTF 2021 Hill Cipher TOY 5 1
Objection! Prime Crimes K3RN3LCTF 2021 DSA IMP 6 2
Tick Tock Erratic Elliptics K3RN3LCTF 2021 Group Theory TOY 6 6
Beecryption Honeycomb K3RN3LCTF 2021 Linear TOY 7 2
Shrine of the Sweating Buddha Sweating Buddha K3RN3LCTF 2021 Paillier TOY 8 0
Mowhock Submit to Chaos K3RN3LCTF 2021 Logistic Map TOY 8 0
Game of Secrets Cellular Mania K3RN3LCTF 2021 Game of Life TOY 8 2
Total Encryption Remote Secure Armoury K3RN3LCTF 2021 RSA IMP 9 0
HADIOR Spinning my Web K3RN3LCTF 2021 DSA TOY 9 3

And more, just waiting to be published ~ !

Reverse Engineering

Challenge Framework Published Primitive Type Diff Solves
lightningrod Superweapons K3RN3LCTF 2021 XOR REV 4 3
WannaSwirl (Co-Author) WannaSwirl K3RN3LCTF 2021 Malware REV 7 ?

Misc

Challenge Framework Published Primitive Type Diff Solves
3Dangerous Commute Hyperspatial Engineering K3RN3LCTF 2021 Maze PZL 5 5



Recent Posts

  • UMassCTF 2022 - HatMash

    Cryptography – 500 pts (1 solve) – Chall author: Polymero (me)

    What do you mean “We think you spend too much time with matrices.”? It’s just a hash function, jeez…

  • HackPack CTF 2022 - Repeating Offense

    Cryptography – 443 pts (20 solves) – Chall author: Polymero (me)

    One-time oracles using RSA or Paillier are not a great idea due to those slippery mathemagicians… I would like to see them slip their way through RSA AND Paillier! After all, you cannot rob two banks at the same time. … What?

  • HackPack CTF 2022 - P(ai)^3

    Cryptography – 469 pts (15 solves) – Chall author: Polymero (me)

    Pai-ai-ai… My Paillier scheme seems to be broken and I stored my favourite flag in it. Please help me get it back, will you? Who could have guessed this would ever happen? … Me… I- I wrote it… yeah.

  • K3RN3LCTF 2021 - Total Encryption

    Cryptography – 500 pts (0 solves) – Chall author: Polymero (me)

    “To store our most embarrassing secrets, we created a Remote Secure Armoury protected by layered RSA encryption with XOR blinding. Never again will my friends be able to mock me for my use of words!”

  • K3RN3LCTF 2021 - Tick Tock

    Cryptography – 496 pts (6 solves) – Chall author: Polymero (me)

    “I chopped up my flag and hid it behind this simple key exchange. Try dlogging your way in if you are brave enough!”

  • K3RN3LCTF 2021 - Shrine of the Sweating Buddha

    Cryptography – 500 pts (0 solves) – Chall author: Polymero (me)

    “Welcome to the Shrine of the Sweating Buddha. Share the burden of your worries, my child ~~~.”

    Hint: share some (7) of your worries and perhaps your fortune will guide you to the flag.

  • K3RN3LCTF 2021 - HADIOR

    Cryptography – 499 pts (3 solves) – Chall author: Polymero (me)

    “HADIOR will hold the DOOR.”

  • K3RN3LCTF 2021 - Game of Secrets

    Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)

    “John wants to play a game, a game of secrets. Recover his secret or be encrypted.”

  • K3RN3LCTF 2021 - lightningrod

    Reverse Engineering – 499 pts (3 solves) – Chall author: Polymero (me)

    “Warning: Weather Control Device detected! ZAP ZAP [insert conscript_death.mp3 here]”

    “Note: there is a typo in the flag, sorry >m<.”

  • K3RN3LCTF 2021 - Poly-Proof

    Cryptography – 490 pts (11 solves) – Chall author: Polymero (me)

    They asked me to set up a zero-knowledge proof that runs in polynomial time. I don’t know what that means but I assume they want me to use polynomials, right?

  • K3RN3LCTF 2021 - Poly Expo go BRRRRR

    Cryptography – 494 pts (9 solves) – Chall author: Polymero (me)

    “I’m going to say this again: I did not have sexual relations with that polynomial, Miss Polinsky.”

  • K3RN3LCTF 2021 - Beecryption

    Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)

    I was watching the bees and it seemed as if they were trying to tell me something… Have I finally gone crazy?!?

  • K3RN3LCTF 2021 - Twizzty Buzzinezz

    Cryptography – 100 pts (116 solves) – Chall author: Polymero (me)

    “Some bees convinced me to invest in their new cryptosystem. They zzzaid their new XOR keyzztream would revolutionizzze the crypto market. However, they quickly buzzed away so all I have is this weird flyer they dropped. Luckily it has some source code on the back.”
    “Have I just really been scammed by some bees??”

  • K3RN3LCTF 2021 - Objection!

    Cryptography – 500 pts (2 solves) – Chall author: Polymero (me)

    “Looks like Harry is hoarding his flags again… Maybe he will stop if we can convince him both Alice and Carlo dislike hoarding too. Alice and Carlo, being stereotypical CTF admins, are not responding to your complaints. Guess you will just have to answer for them… Luckily, I managed to secure you a channel to the domain controller of the CTF server.”

  • K3RN3LCTF 2021 - Non-Square Freedom (1 and 2)

    Cryptography – 465 pts (21 solves) and 490 pts (11 solves) – Chall author: Polymero (me)

    “What can I say, I just like squares.”

  • K3RN3LCTF 2021 - Cozzmic Dizzcovery

    Cryptography – 499 pts (3 solves) – Chall author: Polymero (me)

    “See that comb over there? It came from that meteorite I mentioned yesterday. Take a look at this, if I send bytes in, different bytes come out! Then there’s this button that seems to just produce random bytes… I’m absolutely stumped :S”

  • K3RN3LCTF 2021 - Ain't no Mountain High Enough

    Cryptography – 500 pts (1 solve) – Chall author: Polymero (me)

    “Hills are easy to climb, but mountains? Hoho, they sure are something else!”

  • K3RN3LCTF 2021 - 1-800-758-6237

    Cryptography – 437 pts (28 solves) – Chall author: Polymero (me)

    “I NEED A PLUMBER ASAP, MY FLAG IS LEAKING ALL OVER THE PLACE!!!”