Score:0

What attacks exist on ECDSA if there are more than 10 million signatures?

jp flag

I am aware that there are weaknesses in ECDSA when reusing NONCE and I am aware that there is a lattice attack on ECDSA. Are there other ways to attack ECDSA when one private key has made more than 10 million signatures? I'm interested in the secp256k1, secp256r1 elliptic curve parameters. Under what conditions can the private key in these curves be revealed if a large number of signatures were generated?

kelalaka avatar
in flag
Are we talking about biased nonces? Are we talking about the collision of the $k$? Are we talking about brute force?
JDop avatar
jp flag
@kelalaka I think collision of the k & biased nonces is reusing nonces. The brute force method, I do not consider it an attack and a threat, even if there are more than 10 million signatures. I'm more interested in the list of known attacks on ECDSA if the weakness and threat to private key discovery is a large number of signatures committed by one private key? If there are alternatives like Lattice Attacks?
kelalaka avatar
in flag
One can re-use nonce ignorantly or there is a bug/error on the system/library. The result is the same, however, the cause can be different. Could you first search our site for possible scenarios?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.