42 sats \ 1 reply \ @BlueSlime 8 Aug \ on: "DARK SKIPPY" VULNERABILITY bitcoin
There are more sinister ways to attack digital signatures than this.
FYI if your device uses a nondeterministic nonce when signing, then it is impossible to verify whether your signatures have been tampered with.
Using a non-deterministic nonce is actually quite similar to this attack (and can be categorized under the same attack class) in the sense that they both involve messing with the process of securely generating a random nonce.
Dark Skippy is just more explicit in how it goes about it, e.g., causing the device to leak private key data into the nonce and/or blinding the nonce with a hacker-controlled key.
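As an added illustration that is not part of the post above or of the Dark Skippy write-up: a toy Schnorr-style signer on secp256k1 with a simplified RFC 6979 / BIP340-style deterministic nonce, plus the key holder's audit that recomputes the expected R. Both the deterministic and the random-nonce signatures pass verify(), which is the point the post makes; only the deterministic rule gives the key holder something to check a device's signatures against. The curve arithmetic, nonce rule, key and message are constructed for this example and are not production code.

```python
import hashlib, secrets

# secp256k1: field prime, group order, generator.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(p, q):  # affine addition; None is the point at infinity
    if p is None: return q
    if q is None: return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0: return None
    if p == q: lam = 3 * p[0] * p[0] * pow(2 * p[1], -1, P) % P
    else: lam = (q[1] - p[1]) * pow(q[0] - p[0], -1, P) % P
    x = (lam * lam - p[0] - q[0]) % P
    return (x, (lam * (p[0] - x) - p[1]) % P)
def scalar_mul(k, p=G):  # double-and-add
    r = None
    while k:
        if k & 1: r = point_add(r, p)
        p, k = point_add(p, p), k >> 1
    return r
def h(*parts):  # SHA-256 of the concatenated parts, as an integer
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")
def b32(n): return n.to_bytes(32, "big")
def deterministic_nonce(d, msg):
    # Simplified RFC 6979 / BIP340-style rule: nonce = H(key, message), so the
    # key holder can later recompute exactly what the nonce should have been.
    return h(b"nonce", b32(d), msg) % N or 1
def sign(d, msg, k=None):
    # Schnorr-style (R, s). k=None: deterministic nonce; a caller-supplied k
    # models a device that picks its own (random) nonce instead.
    k = deterministic_nonce(d, msg) if k is None else k
    R, pub = scalar_mul(k), scalar_mul(d)
    return R, (k + h(b32(R[0]), b32(pub[0]), msg) % N * d) % N
def verify(pub, msg, sig):  # standard check: s*G == R + e*P
    R, s = sig
    e = h(b32(R[0]), b32(pub[0]), msg) % N
    return scalar_mul(s) == point_add(R, scalar_mul(e, pub))
def nonce_is_expected(d, msg, sig):
    # Key holder's audit: does R match the prescribed nonce? Any deviation shows
    # up here, even though verify() accepts the signature either way.
    return sig[0] == scalar_mul(deterministic_nonce(d, msg))

def audit_demo():  # constructed inputs; -> (verify det, verify rnd, audit det, audit rnd)
    d, msg = 0xC0FFEE1234567890ABCDEF, b"constructed message"
    pub, det = scalar_mul(d), sign(d, msg)
    rnd = sign(d, msg, k=secrets.randbelow(N - 1) + 1)
    return (verify(pub, msg, det), verify(pub, msg, rnd),
            nonce_is_expected(d, msg, det), nonce_is_expected(d, msg, rnd))
```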