It looks like it exploits what Vaudenay warned against in 2004 : "Digital Signature Schemes with Domain Parameters" ( https://lasec.epfl.ch/pub/lasec/doc/Vau04b.pdf … )https://twitter.com/NSAGov/status/1217152211056238593 …
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
This degenerate case was just confirmed to work by @reaperhulk , thank you! (@kennyog @kennwhite )
When comparing a received cert to cached root certs, windows only compared the public keys, but not the parameters, and would therefore assume that a received fake root cert C' with different parameters was the same as a cached root cert C, using C' to verify the cert chain.
By choosing the right parameters for C', you can know the private key for C' -- even when you don't know the private key for C -- as Vaudenay noted in 2004.
for context: A defined curve has an order n [prime number] and a generator point G [point] privKey ≡ random number [integer] pubKey ≡ privKey * generator [scalar * point = point] the part I don't quite get yet is where the generator/"curve" is stored and if it is modifiable
because I thought the "curve" was a fixed thing, so which part is stored in the cert if any? can you have custom ones and it will still accept them? source on terms:https://cryptobook.nakov.com/digital-signatures/ecdsa-sign-verify-messages …
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.