2 matches found
Breaking ECDSA with Two Affinely Related Nonces
The security of the Elliptic Curve Digital Signature Algorithm ECDSA depends on the uniqueness and secrecy of the nonce, which is used in each signature. While it is well understood that nonce $k$ reuse across two distinct messages can leak the private key, we show that even if a distinct value i...
golang: crash in a golang.org/x/crypto/ssh server
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...