Kelemahan ECDSA: Ketika Variabel k Tidak Dihasilkan Secara Acak

Tulisan sebelumnya membahas “ECDSA: Penandatanganan dan Verfikasi“. Untuk tulisan hari akan membahas mengenai “Kelemahan ECDSA, Ketika Variabel k Tidak Dihasilkan Secara Acak.

import ecdsa
import hashlib
import binascii

def str2num(s):
	return int(binascii.hexlify(s), 16)

m1 ="""However, this attack only worked because Sony did not 
properly implement the algorithm, because k was static instead of 
random"""
m2 ="""As pointed out in the Signature generation algorithm Section 
above, this makes d_A solvable and the entire algorithm useless."""

SK = ecdsa.SigningKey.generate(curve=ecdsa.NIST384p)
VK = SK.get_verifying_key()

kStatic = 12345

signature1 = SK.sign(m1, k=kStatic)
signature2 = SK.sign(m2, k=kStatic)

print"\n:: Vulnerable signature"

sign1 = str2num(signature1)
sign2 = str2num(signature2)

print"sign1:", sign1
print"sign2:", sign2

print"\n:: Proof"

r1 = str2num(signature1[-96:--48])
r2 = str2num(signature2[-96:--48])
print"r1:", r1
print"r2:", r2

print"r1 == r2?", r1 == r2

ecdsa2

Semoga Bermanfaat.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s