Skip to content
/ ECDSA-Nonce-Reuse-Exploit-Example Public

This code shows how you can extract a ECDSA private key from two messages signed with the same K value. Every signature must have been singed with a unique K value otherwise this attack is possible.

31 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Marsh61/ECDSA-Nonce-Reuse-Exploit-Example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
Attack-Main.py
Attack-Main.py
 
 
README.md
README.md
 
 

Repository files navigation

DESCRIPTION

This code shows how you can extract a ECDSA private key from two messages signed with the same Nonce value. Every signature requires a unique integer plus the private key to avoid this attack.

HISTORICAL RELEVANCE

In 2011, Sony's private key was revealed by this attack. This allowed anyone with the private key to sign messages and make them appear to be from Sony. Attackers used this to sign binaries, allowing arbitary code to be exectued on Playstation 3 consoles.

DEPENDINCES

Tested on python version 3.6.2,

ecdsa 0.13,

Install command: "pip install ecdsa"

About

This code shows how you can extract a ECDSA private key from two messages signed with the same K value. Every signature must have been singed with a unique K value otherwise this attack is possible.

Resources

Readme
Activity

Stars

31 stars

Watchers

2 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages