Devel Docs: Add Comparison-Based Attacks To Reasons Not To Reuse Keys #395
As far as I'm concerned, this looks good to me.
harding added a commit that referenced this pull request May 13, 2014
harding merged commit 70d871d into bitcoin-dot-org:devel-docs May 13, 2014
@harding Thanks!
harding deleted the unknown repository branch May 14, 2014
harding commented May 11, 2014
Based on a request from @luke-jr and criteria from @mikehearn, this pull
replaces the previous security text in the Avoiding Key Reuse
section with a slightly expanded version that also describes why
creating more than one signature with the same private key might be a
problem.

If this pull request is unsatisfactory and non-trivial changes are
required to make it satisfactory, I suggest that we simply delete the
existing security text and add describing ECDSA security in detail to
our todo list for the next version of the
guide.

Note: every occurrence of "ECDSA" in the guide is automatically linked to
the ECDSA Wikipedia entry which repeatedly explains the risks of lack of
entropy in k values---with the Sony PS3 key compromise and
SecureRandom implementation being used as real-life examples. Anyone who
is curious about the details after reading our short description need
only click the link to start learning more.