Provably Secure Signature

hardware VM fault attacks RSA FCSC 2026 solved on

star

Description

It’s a shock for Mr. CRT1: he has just learned that, with the right protocol, the RSA signature scheme is not vulnerable to the famous Bellcore attack.

Confident, he decides to implement RSA without verifying the signature.

The documentation of the virtual machine is available on this page.

Files

  • docker-compose.yml
  • provably-secure-signature.py
    2.58 KiB – 62a954d3697a6314e11d77d06bd15a083fd771535c5b22c092195855f1967261
  • rsa-sign.asm
    2.20 KiB – e0205b6a61b08af18b3baf4dc77ae62f5c67e675c58b73ae9b4afd9a0ef51a55
  • assembly.py
    20.84 KiB – db186ab7dfb5f5e7f4790f1afc951deda349a8a9565a57b6328da2ba89965525
  • crypto_accelerator.py
    5.25 KiB – 1ebb35bacb5781a66565509022235f9a1e47f37273b1d35515af58523b632458
  • machine.py
    20.20 KiB – 0d0792ae42774cc0252136201d247d93a8ccc77f66bc11a33269ed5ba530db42
  • machine_faulted.py
    499 B – 69a8ec68c3b8c02fd84c56de685ef407c63e5d0c7759d6e2bfb729930f793b30

Author

Neige

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2026-hardware-provably-secure-signature/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

There are no public solutions for this challenge yet, but you can submit yours after getting the flag.