Readit Newsspiridow commented on Polynonce: A Tale of a Novel Ecdsa Attack and Bitcoin Tears research.kudelskisecurity... · Posted by u/lisper
Too bad you didn't try it with much higher degrees.
The "infamous" reference generators from NIST 800-22 included linear, quadratic and cubic congruential generators only.
A potentially vulnerable implementation that may have used this document as a reference would probably have only gone up to the cubic case.
So I think it's unlikely that someone used a recurrence equation of higher degrees. But you never know.
Also, the higher the degree, the more resources the attack will require. So, we opted for a balanced cost/benefit approach.
spiridow commented on Polynonce: A Tale of a Novel Ecdsa Attack and Bitcoin Tears research.kudelskisecurity... · Posted by u/lisper
I find it fun that some of the stolen tokens appear to have been donated back to a Bitcoin advocate.
* Why should I use a security key?
* What is it used for?
* How can I choose one ?
* What features should I look for?
We did cover FIDO2/Passkeys but also multiple other use cases.
Here are the slides if you're interested: https://tome.one/slides/amiet-pelissier-security-keys-worksh...