The HiMQ-3 signature scheme is a very efficient multivariate signature scheme and was one of the first round candidates of the NIST post-quantum standardization process.

In this talk we present a new attack against HiMQ-3, the so called singularity attack. The attack uses a large number of (message/signature) pairs to recover an equivalent private key, which allows an attacker to forge signatures for arbitrary messages.

While our attack does not break the scheme completely, it shows that the security claims of the authors are not correct.