sharing via https://infosec.exchange/@nhamiel
"In this blog post, we tell a tale of how we discovered a novel attack against ECDSA and how we applied it to datasets we found in the wild, including the Bitcoin and Ethereum networks. Although we didn’t recover Satoshi’s private key (we’d be throwing a party instead of writing this blog post), we could see evidence that someone had previously attacked vulnerable wallets with a different exploit and drained them. We cover our journey, findings, and the rabbit holes we explored. We also provide an academic paper with the details of the attack and open-source code implementing it, so people building software and products using ECDSA can ensure they do not have this vulnerability in their systems.
How Bad Is It?
In simpler words, what our attack means is that every time an ECDSA signature is generated, the signature itself gives us a relation between the nonce and the private key. If the nonces are truly randomly generated, this should never be a problem because the chance that a number of nonces picked at random fit on a low-degree polynomial recurrence relation is negligibly small.
But there is a catch: nonces are usually output by a pseudorandom number generator (PRNG) rather than being really random, and PRNGs are deterministic algorithms with relatively low complexity."
#encryption #ecdsa #ellipticcurve #algorithm #algorithms #bitcoin #ethereum
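To make the relation in the quoted post concrete, here is an added example (not code from the post, its paper or its open-source release) on a textbook toy curve, y² = x³ + 2x + 2 over F_17 with base point (5, 1) of prime order 19. The private key, nonces, messages and the byte-sum stand-in for the message hash are all constructed. It shows that every signature fixes k = s⁻¹(h + r·d) mod n, so knowing either the nonce or the key yields the other, and it adds the audit a wallet or HSM operator can run over a set of signatures: the same r under one key on different messages means a repeated nonce, the symptom behind the drained-wallet exploit the post refers to.

```python
"""Toy ECDSA over a tiny curve to show the nonce/private-key relation.

Added example, not code from the quoted post or its paper. The curve
y^2 = x^3 + 2x + 2 over F_17 (prime group order 19) is a textbook toy and
offers no security; all keys, nonces and messages are constructed here.
"""

P = 17          # field prime
A, B = 2, 2     # curve coefficients: y^2 = x^3 + A*x + B
G = (5, 1)      # base point
N = 19          # order of G (prime, so every non-identity point generates)
INF = None      # point at infinity


def point_add(p1, p2):
    """Affine addition on the short Weierstrass curve (handles identity/doubling)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                      # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (k is not reduced, so N*G == INF is a real check)."""
    result, addend = INF, point
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def msg_hash(message: bytes) -> int:
    """Constructed stand-in for the message digest: byte sum reduced mod N.
    Real ECDSA uses a cryptographic hash; the toy group is far too small for one."""
    return sum(message) % N


def sign(d, message, k):
    """ECDSA: r = (kG).x mod N, s = k^-1 (h + r d) mod N.
    The caller supplies k so the example can show what a nonce choice implies."""
    h = msg_hash(message)
    r = scalar_mult(k, G)[0] % N
    s = pow(k, -1, N) * (h + r * d) % N
    if r == 0 or s == 0:
        raise ValueError("degenerate nonce, pick another k")
    return (r, s)


def verify(Q, message, sig):
    """Standard ECDSA verification against public key Q = dG."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    h = msg_hash(message)
    w = pow(s, -1, N)
    R = point_add(scalar_mult(h * w, G), scalar_mult(r * w, Q))
    return R is not INF and R[0] % N == r


def nonce_from_key(d, message, sig):
    """The relation the post describes: each signature ties k to d via
    k = s^-1 (h + r d) mod N, so whoever knows d learns k, and vice versa."""
    r, s = sig
    return pow(s, -1, N) * (msg_hash(message) + r * d) % N


def repeated_r_values(signed):
    """Defensive audit over signatures made by one key: an r value shared by
    different messages means the nonce was reused. `signed` is a list of
    (message, (r, s)) tuples; returns the offending r values, sorted."""
    seen = {}
    for message, (r, _s) in signed:
        seen.setdefault(r, set()).add(message)
    return sorted(r for r, msgs in seen.items() if len(msgs) > 1)


if __name__ == "__main__":
    d = 7                                  # constructed toy private key
    Q = scalar_mult(d, G)
    sig = sign(d, b"a", k=3)
    print("signature:", sig, "valid:", verify(Q, b"a", sig))
    print("nonce recovered from key:", nonce_from_key(d, b"a", sig))
    audit = [(b"a", sign(d, b"a", 3)), (b"b", sign(d, b"b", 3)), (b"c", sign(d, b"c", 5))]
    print("r values that reveal a reused nonce:", repeated_r_values(audit))
```

The audit catches only exact nonce repetition; the post's point is that nonces from a low-complexity PRNG can be related without ever repeating, which no such scan will see. The mitigation on the signing side is to derive k deterministically from the private key and the message hash (RFC 6979), so the nonce sequence inherits the hash's unpredictability rather than a PRNG's structure.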
A great article that goes over how the #SIKE algorithm was cracked with a single #PC and high-level #theoretical #mathematics re: the #EllipticCurve. #EllipticCurveCryptography
https://phys.org/news/2022-11-mathematical-theorem-encryption-algorithm.html
#sike #pc #theoretical #mathematics #ellipticcurve #ellipticcurvecryptography
Did you know?
"An Elliptic Curve Primality Proving (ECPP) algorithm was used via a primality proving program, Primo 4.3.0 - LX64, to generate a primality certificate which deterministically verifies the primality of p. The certification process took 39 days and 8 hours to complete using an AMD Ryzen Threadripper 2950X (16-Core, 32-Thread, 3.5GHz Base)."
#mathematics #didyouknow #ellipticcurve #primality
Here's a fun fact: the oldest-known rational point on *any* #ellipticCurve lies on
y(6-y) = x³ - x
This was considered by Diophantus, problem 24 of Book IV of Arithmetica:
"To divide a given number into two numbers such that their product is cube minus its side"
The "given number" is 6, and the cube turns out to have side length 17/9.
The rational point is:
(x, y) = (17/9, 26/27)
https://mathoverflow.net/questions/360834/why-is-this-the-first-elliptic-curve-in-nature
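Checking the stated point, as an added verification that is not part of the post: Diophantus splits the given number 6 into $y$ and $6-y$ and asks that their product equal a cube minus its side, $x^3 - x$. With $x = 17/9$ and $y = 26/27$,
$$x^3 - x = \left(\tfrac{17}{9}\right)^3 - \tfrac{17}{9} = \tfrac{4913}{729} - \tfrac{1377}{729} = \tfrac{3536}{729},$$
$$y\,(6 - y) = \tfrac{26}{27}\cdot\tfrac{136}{27} = \tfrac{3536}{729},$$
so the two parts of 6 are $26/27$ and $136/27$, the cube has side $17/9$, and $(17/9,\,26/27)$ lies on $y(6-y) = x^3 - x$.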