all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Don’t overextend your Oblivious Transfer

Add to bookmarks
Sept. 20, 2023, noon | Trail of Bits

Trail of Bits Blog blog.trailofbits.com

By Joop van de Pol We found a vulnerability in a threshold signature scheme that allows an attacker to recover the signing key of threshold ECDSA implementations that are based on Oblivious Transfer (OT). A malicious participant of the threshold signing protocols could perform selective abort attacks during the OT extension subprotocol, recover the secret […]

attacker attacks don ecdsa extension found key malicious oblivious protocols recover secret signature signing signing key threshold transfer van vulnerability

Visit resource

More from blog.trailofbits.com / Trail of Bits Blog

Understanding AddressSanitizer: Better memory safety for your code 2 weeks, 2 days ago | blog.trailofbits.com
application security attacks bug can +20
A peek into build provenance for Homebrew 2 weeks, 4 days ago | blog.trailofbits.com
alpha alpha-omega beta build +13
Using benchmarks to speed up Echidna 3 weeks, 3 days ago | blog.trailofbits.com
ben benchmarks bits blockchain +19
The life and times of an Abstract Syntax Tree 4 weeks, 2 days ago | blog.trailofbits.com
artificially intelligent can clear compiler +14
Curvance: Invariants unleashed 1 month ago | blog.trailofbits.com
assessments audits blockchain building +15
Announcing two new LMS libraries 1 month ago | blog.trailofbits.com
algorithm bits cryptography digital +17
5 reasons to strive for better disclosure processes 1 month, 2 weeks ago | blog.trailofbits.com
blog bugs disclosure examples +6
Introducing Ruzzy, a coverage-guided Ruby fuzzer 2 months ago | blog.trailofbits.com
application security bits bugs code +16
Why fuzzing over formal verification? 2 months, 1 week ago | blog.trailofbits.com
audits blockchain development fuzzing +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com