Timing based ECDSA key recovery #677
Labels
complex
Issues that require good knowledge of tlsfuzzer internals
enhancement
new feature to be implemented
help wanted
new test script
will require creation of a new connection script
Projects
The Minerva attack describes how to recover the ECDSA key from the server based on time it takes it to create ECDSA signatures.
https://minerva.crocs.fi.muni.cz/
by having access to private key of the server we should be able to extract the nonce used for signature and thus calculate the classes for timing behaviour (i.e. mark with class 0 signatures that use nonce with bit length == to order, 1 for ones that use nonce a bit smaller, etc.)
The text was updated successfully, but these errors were encountered: