The ECDSA signature method is used to sign a message with a private key. So rather than holding the signature in one place, could we give a share of the signature to a number of nodes, which must come together to reconstruct it, and which can only recover it if enough hosts contribute their shares? In this case, we will use Shamir Secret Shares (SSS). We thus have n shares, and we can recover the secret using t nodes:
It’s well known that the ECDSA signature (as used in Bitcoin) needs to be carefully created, or the private key can be discovered. The nightmare would thus be to sign a few messages and for Eve to then discover the private key from these. In this case, we will look at the case where Alice has two key pairs and signs four messages with these, and for Eve to discover her private keys.
Alice will have two key pairs [1], and with two private keys (x_1 and x_2). She will sign message 1 (m_1) with the first private key (x_1)…
It is a well-known secret that ECDSA needs to be set up properly, else the private key could be revealed. In the worst case, Eve could reveal Alice’s Bitcoin private key from the ECDSA signatures. One of the weaknesses is where the same nonce value is used for different messages. So let’s crack it.
With an ECDSA signature, we sign a message with a private key (priv) and verify the signature with the public key (pub). A random value (a nonce) is then used to randomize the signature. Each time we sign, we create a random nonce value and it will…
I am so pleased to see that Jacob Ziv has received the IEEE Medal of Honor. Along with Abraham Lempel he created two lossless compression methods (LZ-77 and LZ-78), which are the basis of a wide range of compressed file types including ZIP and GIF/PNG files. In many previous compression methods, there was some loss of bits when decompressing, but Lempel and Ziv found a way to compress data so that commonly occurring bit sequences could be represented by fewer bits than less common ones. …
In 1984, Adi Shamir proposed an alternative to PKI (Public Key Infrastructure) [1]:
You name it, and the Internet is centre stage in the debate around recreating our societies: the rights of privacy against the rights of society to protect itself; the rights of countries to define legal frameworks and control their citizens; the rights of law to define criminal activity; and the rights of individuals to have free speech. Basically, it’s old power structures versus new ones, and the next few years will see a massive struggle between the two.
I have grown up with the Internet. For me, it has evolved from screaming modems with AOL/Compuserve dial-up connections to finally take…
We have several problems on the Internet. The first is that we have our identities harvested by companies such as Facebook and Google, and the second is that we must now prove things — such as our age or our location — and in doing so, we are revealing our information to others. So how can we create a trusted digital world, where we prove things, without revealing our sensitive information?
We have barely got to the point where we can digitally sign our documents, and where many industries still rely on wet signatures. With this, we create a public…
Your online security depends fundamentally on a beautiful little curve: an elliptic curve. It has been a saviour of Cybersecurity in the face of ever-increasing key sizes for RSA, and weaknesses in discrete logarithms (as used in the Diffie-Hellman key exchange method). With RSA, we are moving to 2,048-bit key sizes, but with elliptic curve methods, our private key sizes are often just 256 bits long. For example, if you have Bitcoins, the private key that proves your ownership of the cryptocurrency is just 256 bits long.
So I am so pleased, today, that Neal I. Koblitz and Victor Miller…
Why we don’t give every child at school a Raspberry Pi (RPI) is beyond me. It would allow every child to see the power of software and learn operating systems, Python programming and electronics. As Computer Science at school slips every year, we may be losing another generation of technologists. In Scotland, for example, Computer Science is not even in the Top 15 subjects at school.
To me, the RPI is the answer to making software engaging for every child, and opens up learning in an almost infinite number of possibilities. From the days of the classic BBC Micro, I’ve…
In 1831, Évariste Galois died of duelling wounds at the age of 20 but left a great legacy. While he was a teenager he worked on polynomials and laid down the principles of Galois theory, along with defining the concept of a finite field. In cryptography, the finite field is one of the major concepts and involves limiting the number of possible values to a limit (p). The values of the field then range from 0 to p-1.
Within a field, we can operate on values in the field using arithmetic operations. We can thus have an infinite field…
Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.