- 2008 - Debian OpenSSL PRNG bug. Resulted in a lot of SSH keys being weak.
- 2010 - PS3 ECDSA key leak - The randomness needed for ECDSA to work was bad, leaking the ECDSA keys of the PS3.
- 2012 - Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices - weak RSA keys
- 2012 - Ron was wrong, Whit is right - "two out of every one thousand RSA moduli that we collected offer no security"
- 2014 - Private Key Recovery Combination Attacks: On Extreme Fragility of Popular Bitcoin Key Management, Wallet and Cold Storage Solutions in Presence of Poor RNG Events
- 2017 - Infineon RSA prime generation bug - millions of security keys impacted.
- 2019 - Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies
- 2019 - U2F ECDSA vulnerability - "The firmware code used incompatible transfer instructions when passing a critical secret value to the cryptographic hardware block, resulting in generating secret values of a specific structure and having a significant loss of entropy in the secret value (64 bits instead of 256 bits)"
Last active
September 12, 2019 17:23
Randomness