<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>signatures &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/signatures/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Wed, 19 Jun 2024 21:52:20 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Recovering Public Keys from Signatures</title>
		<link>https://noise.getoto.net/2024/06/20/recovering-public-keys-from-signatures/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 20 Jun 2024 11:10:53 +0000</pubDate>
				<category><![CDATA[anonymity]]></category>
		<category><![CDATA[cryptanalysis]]></category>
		<category><![CDATA[keys]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69066</guid>

					<description><![CDATA[Interesting summary of various ways to derive the public key from digitally signed files.
Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signat...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>New SSH Vulnerability</title>
		<link>https://noise.getoto.net/2023/11/15/new-ssh-vulnerability/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 15 Nov 2023 17:51:52 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[ssh]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68105</guid>

					<description><![CDATA[<p>This is <a href="https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/">interesting</a>:</p>
<blockquote><p>For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.</p>
<p>[…]</p>
<p>The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Micro-Star International Signing Key Stolen</title>
		<link>https://noise.getoto.net/2023/05/15/micro-star-international-signing-key-stolen/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 15 May 2023 11:18:10 +0000</pubDate>
				<category><![CDATA[ransomware]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[supply chain]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67363</guid>

					<description><![CDATA[<p>Micro-Star International—aka MSI—had its UEFI signing key <a href="https://arstechnica.com/information-technology/2023/05/leak-of-msi-uefi-signing-keys-stokes-concerns-of-doomsday-supply-chain-attack/">stolen</a> last month.</p>
<blockquote><p>This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware makers do. Consequently, MSI doesn’t provide the same kind of key revocation capabilities.</p></blockquote>
<p>Delivering a signed payload isn’t as easy as all that. “Gaining the kind of control required to compromise a software build system is generally a non-trivial event that requires a great deal of skill and possibly some luck.” But it just got a whole lot easier...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries</title>
		<link>https://noise.getoto.net/2022/04/22/java-cryptography-implementation-mistake-allows-digital-signature-forgeries/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 22 Apr 2022 12:09:59 +0000</pubDate>
				<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[patching]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65348</guid>

					<description><![CDATA[<p>Interesting <a href="https://arstechnica.com/information-technology/2022/04/major-crypto-blunder-in-java-enables-psychic-paper-forgeries/">implementation mistake</a>:</p>
<blockquote><p>The vulnerability, which <a href="https://www.oracle.com/security-alerts/cpuapr2022.html">Oracle patched on Tuesday</a>, affects the company’s implementation of the <a href="https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm">Elliptic Curve Digital Signature Algorithm</a> in Java versions 15 and above. ECDSA is an algorithm that uses the principles of <a href="https://arstechnica.com/information-technology/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/">elliptic curve cryptography</a> to authenticate messages digitally.</p>
<p>[…]</p>
<p>ECDSA signatures rely on a pseudo-random number, typically notated as K, that’s used to derive two additional numbers, R and S. To verify a signature as valid, a party must check the equation involving R and S, the signer’s public key, and a cryptographic hash of the message. When both sides of the equation are equal, the signature is valid. ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>KEMTLS: Post-quantum TLS without signatures</title>
		<link>https://noise.getoto.net/2021/01/15/kemtls-post-quantum-tls-without-signatures/</link>
		
		<dc:creator><![CDATA[Sofía Celi]]></dc:creator>
		<pubDate>Fri, 15 Jan 2021 12:00:00 +0000</pubDate>
				<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[KEMs]]></category>
		<category><![CDATA[post quantum]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[TLS]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=e9a59a0037d74d7e26979d1ca96c634d</guid>

					<description><![CDATA[The TLS 1.3 protocol has been around for quite some time, but it will be broken once quantum computers arrive. What can we do? In this blog post, we will examine a technique for achieving full post-quantum security for TLS 1.3 in the face of quantum computers: KEMTLS.]]></description>
		
		
		<enclosure url="https://blog.cloudflare.com/content/images/2021/01/KEMTLS--Post-quantum-TLS-without-signatures-blog-home.png" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 27/129 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-12 00:10:03 by W3 Total Cache
-->