Whoops, @Yubico just scored 31% on the Sony PS3 Epic Fail scale. Collect three signatures from a FIPS Yubikey and you can calculate the private key. https://www.yubico.com/support/security-advisories/ysa-2019-02/
Do I understand correctly that if a deterministic signature algorithm had been chosen, this problem wouldn't be that huge?
Yes.
Oh, people never learn...
To be fair, Yubico doesn't get to pick what curves they need to implement for a given standard.
Deterministic nonce generation is possible for all curves, isn't it? Besides, mandating possibly flawed curves is quite a bad idea, but maybe it's due to back compat.
It is, but it isn't the standard for most curves, and *especially* for a FIPS device I doubt they could get away with doing that. Most standards are still using horrid NSA curves, even U2F. Only very recently is ed25519 expanding beyond the space of open source software.
It doesn't really matter. It might be less likely to be backdoored by the NSA, but that's about it.
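The mitigation the thread is discussing, as an added example that is not code from the thread, from Yubico, or from the advisory: the RFC 6979 HMAC-DRBG construction that derives the ECDSA nonce k from the private key and the message hash, so a weak or under-seeded device RNG cannot produce repeated or biased nonces. It assumes NIST P-256 (group order q from FIPS 186-4) and SHA-256; the same construction applies to any prime-order curve by swapping q.

```python
import hashlib
import hmac

# Assumed parameters: NIST P-256 group order q (FIPS 186-4) and SHA-256.
Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
QLEN = Q.bit_length()          # 256 bits
RLEN = (QLEN + 7) // 8         # 32 bytes
HASH = hashlib.sha256


def bits2int(b: bytes) -> int:
    """RFC 6979 2.3.2: take the leftmost qlen bits of b as an integer."""
    v = int.from_bytes(b, "big")
    blen = len(b) * 8
    return v >> (blen - QLEN) if blen > QLEN else v


def int2octets(x: int) -> bytes:
    """RFC 6979 2.3.3: fixed-width big-endian encoding of x."""
    return x.to_bytes(RLEN, "big")


def bits2octets(b: bytes) -> bytes:
    """RFC 6979 2.3.4: bits2int, reduce mod q, then int2octets."""
    return int2octets(bits2int(b) % Q)


def deterministic_k(priv: int, msg: bytes) -> int:
    """Derive the ECDSA nonce k per RFC 6979 section 3.2, steps a to h.

    No randomness is consumed: k is a function of (priv, H(msg)) only, so
    signing the same message twice yields the same k and the same signature.
    """
    h1 = HASH(msg).digest()
    size = HASH().digest_size
    v = b"\x01" * size                      # step b
    k = b"\x00" * size                      # step c
    seed = int2octets(priv) + bits2octets(h1)
    k = hmac.new(k, v + b"\x00" + seed, HASH).digest()   # step d
    v = hmac.new(k, v, HASH).digest()                    # step e
    k = hmac.new(k, v + b"\x01" + seed, HASH).digest()   # step f
    v = hmac.new(k, v, HASH).digest()                    # step g
    while True:                                          # step h
        t = b""
        while len(t) * 8 < QLEN:
            v = hmac.new(k, v, HASH).digest()
            t += v
        cand = bits2int(t)
        if 1 <= cand < Q:
            return cand
        # Candidate out of range: re-key and try again (step h.3).
        k = hmac.new(k, v + b"\x00", HASH).digest()
        v = hmac.new(k, v, HASH).digest()
```

The private key and the k value for the message "sample" in the test are the P-256/SHA-256 vector from RFC 6979 appendix A.2.5.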