It’s well known that the ECDSA signature (as used in Bitcoin) needs to be carefully created, or the private key can be discovered. The nightmare would thus be to sign a few messages and for Eve to then discover the private key from these. In this case, we will look at the case where Alice has two key pairs and signs four messages with these, and for Eve to discover where private keys.

Alice will have two key pairs [1], and with two private keys (x_1 and x_2). She will sign message 1 (m_1) with the first private key (x_1)…

It is a well-known secret that ECDSA needs to be set up properly, else the private key could be revealed. In the worse case, Eve could reveal Alice’s Bitcoin private key from the ECDSA signatures. One of the weaknesses is where the same nonce value is used for different messages. So let’s crack.

With an ECDSA signature, we sign a message with a private key (priv) and prove the signature with the public key (pub). A random value (a nonce) is then used to randomize the signature. Each time we sign, we create a random nonce value and it will…

You name it, and the Internet is centre stage in the debate around recreating our societies: the rights of privacy against the rights of society to protect itself; the rights of countries to define legal frameworks and control their citizens; the rights of law to define criminal activity; and the rights of individuals to have free speech. Basically, it’s old power structures versus new ones, and the next few years will see a massive struggle between the two.

Internet boot-up

I have grown up with the Internet. For me, it has evolved from screaming modems with AOL/Compuserve dial-up connections to finally take…

We have several problems on the Internet. The first is that we have our identities harvested by companies such as Facebook and Google, and the second is that we must now prove things — such as our age or our location — and in doing so, we are revealing our information to others. So how can we create a trusted digital world, where we prove things, without revealing our sensitive information?

We have barely got to the point where we can digitally sign our documents, and where many industries still rely on wet signatures. With this, we create a public…

Your online security depends fundamentally on a beautiful little curve: an elliptic curve. It has been a savour of Cybersecurity in the face of ever-increasing key sizes for RSA, and weaknesses in discrete logarithms (as used in the Diffie-Hellman key exchange method). With RSA, we are moving to 2,048-bit key sizes, but with elliptic curve methods, our private key sizes are often just 256 bits long. For example, if you have Bitcoins, your private key which enables your owner of the cryptocurrency is just 256 bits long.

So I am so pleased, today, that Neal I. Koblitz and Victor Miller…

Why we don’t give every child at school a Raspberry Pi (RPI) is beyond me. It would allow every child to see the power of software and learn operating systems, Python programming and electronics. As Computer Science at school slips every year, we may be losing another generation of technologists. In Scotland, for example, Computer Science is not even in the Top 15 subjects at school.

To me, the RPI is the answer to making software engaging for every child, and opens up learning in an almost infinite number of possibilities. From the days of the classic BBC Micro, I’ve…