Open demining opened 2 years ago
Hello @akiratk0355 ! I saw your work on GitHub and decided to write to you as I have questions.
When creating ECDSA, it happens that some devices generate short Nonce. Approximately 2 ^ 243 - 2 ^ 244
Accordingly, if Nonces is short, then it must contain null at the beginning. That is, the first 3 bits of the Nonce contain a beginning null.
Given the known signature values [R, S, H (e)], can we define and calculate if the Nonce is short?
Is there a way to find out information about the first 3 bits of Nonces?
@demining hello, still no solutions in your problem? I d like to know if your solved it.
Hello @akiratk0355 ! I saw your work on GitHub and decided to write to you as I have questions.
When creating ECDSA, it happens that some devices generate short Nonce. Approximately 2 ^ 243 - 2 ^ 244
Accordingly, if Nonces is short, then it must contain null at the beginning. That is, the first 3 bits of the Nonce contain a beginning null.
Given the known signature values [R, S, H (e)], can we define and calculate if the Nonce is short?
Is there a way to find out information about the first 3 bits of Nonces?