Outer Web | Explore

Explore >> Select a destination

You are here		blog.trailofbits.com ECDSA: Handle with Care -The Trail of Bits Blog
\|	\|	keymaterial.net Reconstructing public keys from signatures - Key Material	2.5 parsecs away Travel
\|	\|	One weird hobby of mine is reasonable properties of cryptographic schemes that nobody promised they do or don't have. Whether that's invisible salamanders or binding through shared secrets, anything that isn't just boring IND-CCA2 or existential unforgeability is just delightful material to construct vulnerabilities with. Normally, with a signature scheme, you have the public key...	2.5 parsecs away Travel
\|	\|	andrea.corbellini.name Elliptic Curve Cryptography: ECDH and ECDSA - Andrea Corbellini	3.3 parsecs away Travel
\|	\|	[AI summary] The text discusses the fundamentals of Elliptic Curve Cryptography (ECC), focusing on Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA). It explains how ECDH enables secure key exchange and how ECDSA allows for digital signatures. The text also covers the importance of secure random number generation in ECDSA, highlighting the risks of using a predictable or static secret key, as seen in the PlayStation 3 incident. The discussion includes code examples for ECDH and ECDSA operations and the consequences of poor implementation practices. The text concludes by mentioning future articles on solving discrete logarithms and ECC compared to RSA.	3.3 parsecs away Travel
\|	\|	blog.cr.yp.to cr.yp.to: 2014.03.23: How to design an elliptic-curve signature system	3.1 parsecs away Travel
\|	\|	[AI summary] The text discusses the complexities and security concerns of the ECDSA (Elliptic Curve Digital Signature Algorithm) compared to more modern signature systems like Ed25519. It highlights issues such as the lack of constant-time implementations in ECDSA, the importance of secure random number generation (RNG) for generating nonces (k), and the vulnerabilities that can arise from poor RNG practices. The text also compares ECDSA with alternatives like Ed25519, which uses deterministic methods for generating k, thus avoiding the need for an RNG and enhancing security. Additionally, it touches on the design of secure RNGs, the role of hash functions in generating k, and the potential for attacks due to non-constant-time implementations and poor random...	3.1 parsecs away Travel
\|	\|	www.stylobite.com Securing Small Businesses: The Role of Managed IT Support in Cybersecurity - Stylo Bite	21.7 parsecs away Travel
\|		In today's digital landscape, small businesses face increasing cybersecurity threats that can have devastating consequences. Cybercriminals target small businesses due to their often limited resources and weaker security measures. To combat these risks, small businesses can benefit greatly from robust cybersecurity measures provided by managed IT support. In this article, we will explore the importance [...]	21.7 parsecs away Travel