
The ECDSA signature method is used to sign a message with a private key. So rather than holding the signature in one place, could we give a share of it to a number of nodes, so that the signature can only be recovered when enough of those hosts come together and combine their shares? In this case, we will use Shamir Secret Shares (SSS). We thus have n shares, and we can recover the signature using any t of the nodes:



It’s well known that the ECDSA signature (as used in Bitcoin) needs to be carefully created, or the private key can be discovered. The nightmare would thus be to sign a few messages and for Eve to then discover the private key from these. In this case, we will look at the case where Alice has two key pairs and signs four messages with these, and Eve then discovers the private keys.

Alice will have two key pairs [1], with two private keys (x_1 and x_2). She will sign message 1 (m_1) with the first private key (x_1)…



It is a well-known secret that ECDSA needs to be set up properly, else the private key could be revealed. In the worst case, Eve could reveal Alice’s Bitcoin private key from the ECDSA signatures. One of the weaknesses is where the same nonce value is used for different messages. So let’s crack it.

With an ECDSA signature, we sign a message with a private key (priv) and prove the signature with the public key (pub). A random value (a nonce) is then used to randomize the signature. Each time we sign, we create a random nonce value and it will…



I am so pleased to see that Jacob Ziv has received the IEEE Medal of Honor. Along with Abraham Lempel he created two lossless compression methods (LZ-77 and LZ-78) and which are the basis of a wide range of compressed file types including ZIP and GIF/PNG files. In many previous compression methods, there was some loss of bits when decompressing, but Lempel and Ziv found a way to compress data so that commonly occurring bit sequences could be represented by fewer bits than less common ones. …



You name it, and the Internet is centre stage in the debate around recreating our societies: the rights of privacy against the rights of society to protect itself; the rights of countries to define legal frameworks and control their citizens; the rights of law to define criminal activity; and the rights of individuals to have free speech. Basically, it’s old power structures versus new ones, and the next few years will see a massive struggle between the two.

Internet boot-up

I have grown up with the Internet. For me, it has evolved from screaming modems with AOL/Compuserve dial-up connections to finally take…



We have several problems on the Internet. The first is that we have our identities harvested by companies such as Facebook and Google, and the second is that we must now prove things — such as our age or our location — and in doing so, we are revealing our information to others. So how can we create a trusted digital world, where we prove things, without revealing our sensitive information?

We have barely got to the point where we can digitally sign our documents, and where many industries still rely on wet signatures. With this, we create a public…


Koblitz (left) and Miller (right)

Your online security depends fundamentally on a beautiful little curve: an elliptic curve. It has been a saviour of Cybersecurity in the face of ever-increasing key sizes for RSA, and weaknesses in discrete logarithms (as used in the Diffie-Hellman key exchange method). With RSA, we are moving to 2,048-bit key sizes, but with elliptic curve methods, our private key sizes are often just 256 bits long. For example, if you have Bitcoins, the private key that proves your ownership of the cryptocurrency is just 256 bits long.

So I am so pleased, today, that Neal I. Koblitz and Victor Miller…



Why we don’t give every child at school a Raspberry Pi (RPI) is beyond me. It would allow every child to see the power of software and learn operating systems, Python programming and electronics. As Computer Science at school slips every year, we may be losing another generation of technologists. In Scotland, for example, Computer Science is not even in the Top 15 subjects at school.

To me, the RPI is the answer to making software engaging for every child, and opens up learning in an almost infinite number of possibilities. From the days of the classic BBC Micro, I’ve…


Évariste Galois — Aged 15 https://en.wikipedia.org/wiki/%C3%89variste_Galois

In 1831, Évariste Galois died of duelling wounds at the age of 20 but left a great legacy. While he was a teenager he worked on polynomials and laid down the principles of Galois theory, along with defining the concept of a finite field. In cryptography, the finite field is one of the major concepts and involves limiting the number of possible values using a bounding value (p). The values of the field then range from 0 to p-1.

A Galois field

Within a field, we can operate on values in the field using arithmetic operations. We can thus have an infinite field…

Prof Bill Buchanan OBE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.
