Chinese remainder theorem in ECDSA for parameters in secp256k1?

JDop

1/17/23, 7:33 PM

It is known that it is possible to apply the Chinese remainder theorem and attack RSA under precise conditions.

https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf

But the question is, can the Chinese remainder theorem in ECDSA be applied to the parameters in secp256k1?

113

0 + 0

timing-attack

dsa

homomorphic-encryption

attack

secp256k1

Score:2

Crypto

poncho

1/17/23, 7:36 PM

But the question is, can the Chinese remainder theorem in ECDSA be applied to the parameters in secp256k1?

That precise attack doesn't work - we don't use the Chinese remainder theorem when computing with secp256k1 (as the group order is prime).

On the other hand, there are certainly side channel attacks available against naïve implementations of ECDSA and secp256k1 - just not that one.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Chinese remainder theorem in ECDSA for parameters in secp256k1?

TH: ทฤษฎีบทเศษเหลือของจีนใน ECDSA สำหรับพารามิเตอร์ใน secp256k1?

RO: Teorema chineză a restului în ECDSA pentru parametrii în secp256k1?

RU: Китайская теорема об остатках в ECDSA для параметров в secp256k1?

VI: Định lý phần còn lại của Trung Quốc trong ECDSA cho các tham số trong secp256k1?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.