What attacks exist on ECDSA if there are more than 10 million signatures?

JDop

5/29/23, 10:04 AM

I am aware that there are weaknesses in ECDSA when reusing NONCE and I am aware that there is a lattice attack on ECDSA. Are there other ways to attack ECDSA when one private key has made more than 10 million signatures? I'm interested in the secp256k1, secp256r1 elliptic curve parameters. Under what conditions can the private key in these curves be revealed if a large number of signatures were generated?

112

0 + 0

elliptic-curves

signature

dsa

attack

elliptic-curve-generation

kelalaka

5/29/23, 10:08 AM

Are we talking about biased nonces? Are we talking about the collision of the $k$? Are we talking about brute force?

JDop

5/29/23, 10:21 AM

@kelalaka I think collision of the k & biased nonces is reusing nonces. The brute force method, I do not consider it an attack and a threat, even if there are more than 10 million signatures. I'm more interested in the list of known attacks on ECDSA if the weakness and threat to private key discovery is a large number of signatures committed by one private key? If there are alternatives like Lattice Attacks?

kelalaka

5/29/23, 11:18 AM

One can re-use nonce ignorantly or there is a bug/error on the system/library. The result is the same, however, the cause can be different. Could you first search our site for possible scenarios?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: What attacks exist on ECDSA if there are more than 10 million signatures?

TH: มีการโจมตีอะไรบ้างใน ECDSA หากมีลายเซ็นมากกว่า 10 ล้านลายเซ็น

RO: Ce atacuri există asupra ECDSA dacă există mai mult de 10 milioane de semnături?

RU: Какие атаки существуют на ECDSA, если подписей больше 10 миллионов?

VI: Những cuộc tấn công nào tồn tại trên ECDSA nếu có hơn 10 triệu chữ ký?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.