🇳🇱
What encryption algorithm do you prefer for asymmetric keys, specifically signing?
#cryptography #pgp #GPG #GnuPG
@freemo I don't regularly use this stuff, particularly for signing, but I did see an interesting paper recently that illustrated how ECC can be broken with < 1 bit of nonce leakage.
https://eprint.iacr.org/2020/615
Which seems to be caused by the need of uniformly distributed nonce values, which can unexpectedly broken via modulo bias as shown: https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/
@johnabs Most crytographic ciphers can be cracked if their parameters arent generated securely
@freemo Well yeah, but <1 bit is pretty rough, no? Admittedly, I don't have anything to compare that number to, so some perspective would be great :)
@johnabs <1 bit would be 0 bits... so that number cant be the actual number.
@freemo I think it's the expected number of bits, in that they can determine the most significant bit of the nonce but with probability <1.
