You are here: blog.josefsson.org

blog.cr.yp.to
[AI summary] The text discusses the complexities and security concerns of the ECDSA (Elliptic Curve Digital Signature Algorithm) compared to more modern signature systems like Ed25519. It highlights issues such as the lack of constant-time implementations in ECDSA, the importance of secure random number generation (RNG) for generating nonces (k), and the vulnerabilities that can arise from poor RNG practices. The text also compares ECDSA with alternatives like Ed25519, which uses deterministic methods for generating k, thus avoiding the need for an RNG and enhancing security. Additionally, it touches on the design of secure RNGs, the role of hash functions in generating k, and the potential for attacks due to non-constant-time implementations and poor random...

blog.trailofbits.com
The elliptic curve digital signature algorithm (ECDSA) is a common digital signature scheme that we see in many of our code reviews. It has some desirable properties, but can also be very fragile. For example, LadderLeak was published just a couple of weeks ago, which demonstrated the feasibility of key recovery with a side channel [...]

keymaterial.net
Sigh. I really didn't want to have to write this blog post. There is a story going around, claiming that the NSA somehow unduly influenced NIST to choose Kyber over NTRU, despite Kyber not being secure enough. The story is based on this blog post, by famous cryptographer Daniel J. Bernstein (also known as djb),...

www.randomservices.org