Nadia Heninger: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies
Date: Friday, May 31, 2019
Time: 10:30 AM to 12:00 PM
Location: Hewlett, G882
Event Type: Seminar
Host: Vinod Vaikuntanathan
Contact: Deborah Goodwin, 617.324.7303, email@example.com
Speaker URL: None
TALK: Nadia Heninger: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies
We compute hundreds of Bitcoin private keys and dozens of Ethereum, Ripple, SSH, and HTTPS private keys by carrying out cryptanalytic attacks against digital signatures contained in public blockchains and Internet-wide scans. The ECDSA signature algorithm requires the generation of a per-message secret nonce. This nonce must be generated perfectly uniformly, or else an attacker can exploit the nonce biases to compute the long-term signing key. We use a lattice-based algorithm for solving the hidden number problem to efficiently compute private ECDSA keys that were used with biased signature nonces due to multiple apparent implementation vulnerabilities.
Created by Deborah Goodwin at Monday, February 04, 2019 at 2:59 PM.