@Loucovey In what sense? As far as I know, current computers cannot break algorithms such as #RSA, #ECDSA, #AES, or protocols such as Diffie-Hellman / #ECDH.

Au cœur de la #sécurité de #Bitcoin, nous retrouvons l’ #algorithme de #cryptographie #asymétrique #ECDSA à base de #courbes #elliptiques.

Mais une récente étude menée par #Google laisse penser que cela pourrait être méme plus simple que prévu de casser la #cryptographie #moderne avec l’ #informatique #quantique

https://journalducoin.com/actualites/informatique-quantique-google-devoile-pouvoir-casser-rsa-2048-plus-vite-prevu/

Сложение точек эллиптической кривой в числах, как на калькуляторе

Принципы реализации математических концепций прикладной криптографии полезно рассматривать в числах. Эллиптические кривые представляют собой один из важнейших элементов криптографии (и современной теоретической математики тоже). На всякой эллиптической кривой можно складывать точки. Эта операция составляет основу многих криптосистем. Например, ECDH. В этой статье мы возьмём конкретное, - но обозримое, - уравнение кривой, посмотрим на формулы и проведём прямые вычисления, чтобы убедиться, что всё работает так, как предполагалось. В статье много чисел и есть пример на Rust.

https://habr.com/ru/articles/912658/

#эллиптические_кривые #алгоритмы #математика #умножение #криптография #диффихеллман #ecdsa #ecdh

Реализация постквантовых алгоритмов на Java и Go

В последнее время в СМИ много публикаций о новых квантовых компьютерах, которые представляют угрозу для современной криптографии. Например, недавно Google сообщила о разработке квантового процессора Willow , который в специально сформулированной задаче превышает производительность самого мощного суперкомпьютера в септиллион раз (септиллион = 10 25 ). Хотя квантовая криптография быстро развивается, ей ещё далеко до того, чтобы угрожать современной криптографии. Более того, разработан ряд постквантовых алгоритмов и шифров, которые устойчивы к квантовым вычислениям.

https://habr.com/ru/companies/globalsign/articles/887178/

#Java #криптографического_алгоритм #Google #Willow #Dilithium #QPU #Heron #SHA256 #RSA #ECDSA #ECDH #MLKEM #MLDSA #SLHDSA #постквантовая_криптография #CRYSTALS

Most #OpenStreetMap services are now using #ECDSA HTTPS web certificates, the remaining certificates will transition upon renewal. Another small incremental improvement to performance and privacy. We manage 164 certificates which are valid for 516 domains and sub-domains (via Subject Alternative Names). All secured by #LetsEncrypt 🤓❤️🔐

Elliptic's private key extraction in #ECDSA upon signing a malformed input (e.g. a string)
https://github.com/advisories/GHSA-vjh7-7g9h-fjfh

Elliptic's private key extraction in #ECDSA upon signing a malformed input (e.g. a string)
https://github.com/advisories/GHSA-vjh7-7g9h-fjfh

Elliptic's private key extraction in #ECDSA upon signing a malformed input (e.g. a string)
https://github.com/advisories/GHSA-vjh7-7g9h-fjfh

#Encryption methods: #sha256 #ECDH, #ECDSA and #RSA NOT Approved by ASD in Australia for beyond 2030. These four methods are used for virtually every Web connection that we create currently. The guidance comes from the Australian Signals Directorate (ASD) https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-cryptography

Don't dismiss the #Yubico security advisory, but don't panic either. My hot take, pending further analysis of the full 88-page report, is that at present the problem is limited to ECC signing functions and doesn't provide a practical attack surface for keys that remain in your physical possession, use non-cached KDF for PINs, and aren't connected to untrusted hardware.

1. Read https://www.yubico.com/support/security-advisories/ysa-2024-03/ to learn more about what's wrong, and the full 88-page technical report available from https://ninjalab.io/eucleak/.

2. Stop here if you don't use the #FIDO2, #OpenPGP, or #PIV functions of the card.

If you do have an affected firmware version AND are using elliptic curves for signing, there are some mitigations you can take.

1. Run KDF setup if you haven't already, and then regenerate your PIN numbers for all affected protocols on vulnerable keys. NB: I couldn't find this in the advisory, but it makes sense if you stop and think about it.

2. Add a PIN to your FIDO2 authentication on affected firmware versions.

3. Disable the "touch cache" feature on the key to limit the potential window of exposure window on untrusted hardware.

4. Switch all #ECDSA signing and attestation keys to use #RSA instead of an elliptic curve algorithm if possible. This is generally the default for most impacted functions, but may have been changed by advanced users or by organizational policy. NB: For OpenPGP, make sure you generate a revocation certificate for your signing key first before replacing the signature slot. This may impact other OpenPGP keys too if they were signed with the ECC key, so you might need to re-sign or regenerate your other keys as well.

5. If you rely on FIDO2, supplement your FIDO2 authentication with an additional factor if possible.

6. Revoke and replace keys that must use ECC algorithms for signing keys, use FIDO2 without an additional factor, are likely to be exposed to untrusted hardware, or that can't be used with a device PIN.

The only thing that really makes this vulnerability inconvenient is that the firmware of affected keys can't be replaced. I have seen no announcements about whether or not Yubico will be offering some kind of replacement program to affected customers, but users of RSA signature keys, the default Yubico attestation certificates, or the #YubiOTP protocol do not appear to be impacted at this time.

Ciekawy, ale na szczęście trudny do realizacji atak klonowania kluczy Yubikey

Firma Yubico, jeden z popularnych producentów kluczy U2F poinformowała o ataku na niektóre ze swoich kluczy (lista poniżej). Problem dotyczy także innych producentów, bo błąd wykryto w bibliotece kryptograficznej obsługującej klucze ECDSA.
Zanim przejdziemy do opisu tego ataku, już na wstępie podkreślmy, że wymaga on najpierw przeprowadzenia udanego ataku phishingowego na ofierze, a potem fizycznego dostępu do klucza ofiary przez kilka minut oraz zniszczenia jego obudowy a także specjalistycznego sprzętu i wiedzy. Dlatego eksperci oceniają, że jest bardzo małoprawdopodobne, aby ta technika ataku była stosowana masowo i na zwykłych użytkownikach. Więc nie przewiercajcie jeszcze swoich kluczy U2F.
Choć faktycznie, atak jest ultratrudny do przeprowadzenia, to naszym zdaniem Yubico i tak powinno się spalić ze wstydu. Jak za chwilę zobaczycie, wykonana przez badaczy analiza i wykryty błąd nie są wybitnie odkrywcze, więc oczekiwalibyśmy, żeby to inżynierowie Yubico sami przeprowadzali tego typu testy na produkowanych przez siebie kluczach. Standardowo.
Atak Eucleak
Błąd odkryto się w mikrokontrolerze Infineon 9, a dokładniej w obsługującego go bibliotece kryptograficznej implementującej obsługę ECDSA. Ten mikrokontroler wraz z biblioteką jest używany w różnych urządzeniach wielu producentów (zapewne na dniach pojawi się więcej informacji, gdzie konkretnie). Jeśli chodzi o Yubico, to wiemy, że błąd występuje w poniższych kluczach YubiKey:
YubiKey 5 Series versions prior to 5.7
YubiKey 5 FIPS Series prior to 5.7
YubiKey 5 CSPN Series prior to 5.7
YubiKey Bio Series versions prior to 5.7.2
Security Key Series all versions prior to 5.7
YubiHSM 2 versions prior to 2.4.0
YubiHSM 2 FIPS versions [...]

#ECDSA #FIDO #FIDO2 #FIPS #HSM #Infineon9 #Kryptografia #Yubico #Yubikey

https://niebezpiecznik.pl/post/ciekawy-ale-na-szczescie-trudny-do-realizacji-atak-klonowania-kluczy-yubikey/

i want to know, which companies/agencies were doing this highest level common criteria certification evaluation for the #infineon library that had this side-channel. #eucleak #ecdsa

對 YubiKey 5 的 side-channel attack

在 Hacker News Daily 上看到的「EUCLEAK Side-Channel Attack on the YubiKey 5 Series (ninjalab.io)」，原文在「EUCLEAK」這邊。

對 YubiKey 5 的攻擊，攻擊需要能夠碰到實體的 key，透過 side-channel 取得 ECDSA secret key 進而複製：

The attack requires physical acce

https://blog.gslin.org/archives/2024/09/04/11960/%e5%b0%8d-yubikey-5-%e7%9a%84-side-channel-attack/

#Computer #Hardware #Murmuring #Security #Software #attack #channel #ecdsa #fido #key #secret #security #side #yubico #yubikey

Lol. I was being a bit annoyed at the wording of the #ecdsa concern section in the #archwiki as it lacks neuance and largely just quotes You Know Who^tm as the source.

However it seems like #Wikipedia has almost an identical section on it's wikipage.

Turns out someone just copypasted the section from archwiki.

https://en.wikipedia.org/w/index.php?title=Elliptic_Curve_Digital_Signature_Algorithm&diff=prev&oldid=819880847

https://wiki.archlinux.org/index.php?title=SSH_keys&diff=prev&oldid=406036

Vous l'avez peut-être remarqué, mes zones #DNS personnelles (comme bortzmeyer.org) viennent de changer d'algorithme de signature cryptographique. RSA a été remplacé par #ECDSA.

https://www.bortzmeyer.org/rollover-algorithm-opendnssec.html

#DNSSEC

There's an online #ECDSA #whitebox contest - by #CHES conference.

You get various implementations (with sources) : they sign your message with ECDSA and a hidden key in the sources. It's whitebox, so you get the sources...

Solved a first implementation, using a Python library I found on the net (no glory, I didn't do a think apart install & execute it). And got my first dancing banana.

https://whibox-contest-2024.cryptoexperts.net

You can also play defense and provide an implementation.

Разбор заданий PHDays 2024 взлом Web3 CTF

С 23 по 26 мая Positive Technologies проводили конференцию PHDays по кибер безопасности с CTF конкурсами по разным направлениям. Про Web3 blockchain CTF узнал случайно от друзей и очень обрадовался, т.к. этой сферой давно интересуюсь. По итогу занял 2-е место, далее разберу все задачи.

https://habr.com/ru/articles/819797/

#solidity #circom #ecdsa #phdays #ctf #blockchain #positive_technologies

Asymmetric #TPM2 #keys v7:

https://lore.kernel.org/linux-crypto/20240528210823.28798-1-jarkko@kernel.org/T/#mb07f85a8c3f4af388cbc08438e71ac8aea447d85

This is the first version with fully working #ECDSA signing and signature verification with the public key.

Implementation notes:

1. Accepts only sha256 at this point. Can be easily extended later. It is best overall choice for the first version.
2. Does not accept any authentication policy yet. Can be extended later by adding a new parameter to match_table_t param_keys in security/keys/keyctl_pkey.c. E.g. "policy=%s".

I’m pretty happy with this, given that I did it fully during 1.5 week period on my free time and unpaid ;-)

#Linux #kernel #TPM

#PuTTY #SSH client flaw allows recovery of #cryptographic #privatekeys
The vulnerability (CVE-2024-31497) was discovered by Fabian Bäumer and Marcus Brinkmann of the Ruhr University Bochum and is caused by how PuTTY generates #ECDSA nonces (temporary unique cryptographic numbers) for the NIST P-521 curve used for SSH authentication. The main repercussion of recovering the private key is that it allows unauthorized access to SSH servers or sign commits as the developer.
https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/