let me clarify that statement: ECDSA is very brittle. even the smallest biases in the PRNG generating the random value k => key leakage
-
-
Replying to @matthew_d_green
@matthew_d_green@esizkur What happens in Schnorr if you repeat a k?1 reply 0 retweets 0 likes -
Replying to @tqbf1 reply 0 retweets 0 likes
-
Replying to @matthew_d_green
@tqbf@esizkur Ironically DSA has no security proof worth a damn, so they could have removed this feature. It's ridiculous that they didn't.1 reply 0 retweets 0 likes -
Replying to @matthew_d_green
@matthew_d_green@tqbf@esizkur why is it that in cryptography the biggest shits float to the top?1 reply 0 retweets 0 likes -
Replying to @bascule1 reply 0 retweets 0 likes
Replying to @matthew_d_green
@matthew_d_green @tqbf @esizkur oh right
12:45 PM - 3 Apr 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.