Breaking unlinkability in Identity Mixer using malicious keys

CL Signatures Issuer Key Correctness Proof lacks of prime strength checking A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key ...

Design/Logic Flaw

The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation fails to include all of the public values from the Zero Knowledge proof statement as well as all of the public values computed in the proof, aka the Frozen Heart issue...

CVE-2022-29566

CVE-2022-29566 concerns Bulletproofs (2017/1066) where the Fiat-Shamir transformation mishandles hash input, failing to include all public values from the ZK proof statement and those computed during the proof (the Frozen Heart issue). The connected documents identify the root cause as this defic...

PT-2022-19701 · Unknown · Bulletproofs

Name of the Vulnerable Software and Affected Versions: Bulletproofs affected versions not specified Description: The issue arises from the mishandling of Fiat-Shamir generation in the Bulletproofs 2017/1066 paper. Specifically, the hash computation fails to include all public values from the Zero...

Micali-Schnorr Generator (MS-DRBG) Part III - Zero Knowledge Proof Wanted!!

See also Part I and Part II of this series This is going to be a short blog post about the infamous Micali-Schnorr Random Number Generator MS-DRBG. See Part I and Part II of this series for more information about this topic. WHO: NIST published the specification for Micali-Schnorr Random Number...