all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Don’t overextend your Oblivious Transfer

Add to bookmarks
Sept. 20, 2023, noon | Trail of Bits

Trail of Bits Blog blog.trailofbits.com

By Joop van de Pol We found a vulnerability in a threshold signature scheme that allows an attacker to recover the signing key of threshold ECDSA implementations that are based on Oblivious Transfer (OT). A malicious participant of the threshold signing protocols could perform selective abort attacks during the OT extension subprotocol, recover the secret […]

attacker attacks don ecdsa extension found key malicious oblivious protocols recover secret signature signing signing key threshold transfer van vulnerability

Visit resource

More from blog.trailofbits.com / Trail of Bits Blog

The life and times of an Abstract Syntax Tree 1 day, 15 hours ago | blog.trailofbits.com
artificially intelligent can clear compiler +14
Curvance: Invariants unleashed 3 days, 15 hours ago | blog.trailofbits.com
assessments audits blockchain building +15
Announcing two new LMS libraries 1 week ago | blog.trailofbits.com
algorithm bits cryptography digital +17
5 reasons to strive for better disclosure processes 2 weeks, 4 days ago | blog.trailofbits.com
blog bugs disclosure examples +6
Introducing Ruzzy, a coverage-guided Ruby fuzzer 1 month ago | blog.trailofbits.com
application security bits bugs code +16
Why fuzzing over formal verification? 1 month, 1 week ago | blog.trailofbits.com
audits blockchain development fuzzing +3
Streamline your static analysis triage with SARIF Explorer 1 month, 1 week ago | blog.trailofbits.com
analysis audits explorer extension +8
Read code like a pro with our weAudit VSCode extension 1 month, 2 weeks ago | blog.trailofbits.com
audits bugs code codebase +12
Releasing the Attacknet: A new tool for finding bugs in blockchain nodes using chaos testing 1 month, 2 weeks ago | blog.trailofbits.com
addresses bits blockchain bugs +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs