Taproot is a #bitcoin upgrade which will occur at block #709632, ie. in Nov 2021
It brings several new innovations and features but one of them is especially interesting: Schnorr Signatures.
Let me tell you the brief history of asymetric cryptography 🧵
Asymmetric cryptography is a process that uses a pair of keys: public / private key.
Its most interesting application is *Digital signature*. It's a process where you can prove you know your private key without revealing it while anyone with your public key can verify your proof
This is exactly what we do, when we "send" #bitcoin
Asymmetric cryptography has been publicly discovered by the famous Diffie, Hellman, and then Merkle in the 70s. Then, in the late 70s, Rivest Shamir and Adleman invented the famous RSA cryptosystem which is still widely used.
In the 80s, Elliptic Curve Cryptography was discovered by Koblitz and Miller.
ECC has many advantages over RSA. Computations, data transfers are more efficient for a same level of security.
ECC, contrary to RSA is full of variations: basis field, curves, signature algorithms...
Let's focus on Signature algorithm. Schnorr signature was invented by Claus-Peter Schnorr in the 80s.
His signature algorithm is much simpler than any other, gives better security property and is linear (offering multisig almost for free).
But he did the worst thing that can happen to human knowledge (this, and claiming the break of RSA without any proof): He PATENTED his invention.
Thus, Schnorr signatures weren't used and ECDSA was specifically designed to bypass the patent.
When you look at ECDSA equations, it looks like a hack around Schnorr's equation.
In 2008, more than 20 years after the invention, the patent has expired. In 2008, Satoshi was finishing the design of #bitcoin. But because of the patent, Schnorr signature wasn't standardized.
Thus ECDSA was chosen for #bitcoin as a standardized and widely used algorithm.
In the meantime, Ed25519 was invented (2011), and can be seen as a variation of Schnorr Signatures.
(It's used in Polkadot, Cardano and Stellar).
30 years after this patent, Schnorr Signatures will be used in one of the largest scale application: #Bitcoin
It's a great news, but we lost 30 years because of a silly patent.
/fin
• • •
Missing some Tweet in this thread? You can try to
force a refresh
PLATYPUS is a novel side-channel attack targeting Intel x86 CPU (including AES-NI, SGX).
> platypusattack.com
I'm not surprised that we discover new attacks on Intel CPU, while I'm very surprised this attack has just been discovered now.
(1/n)
PLATYPUS is a Side Channel Attack allowing to _remotely_ extract secrets from Intel CPU incl. SGX enclave and AES-NI.
It uses the unprivileged access to RAPL (Running Average Power Limit) interface to get an internal measurement of the power consumption of the chip.
(2/n)
From an attacker PoV, this interface is great since it's unpriviledged and can be accessed remotely.
On the other side, it's quite low resolution, you can only get samples at 20kHz. This later limitation is overcome by several of techniques (cf paper).
I've read several misconceptions about Common Criteria certifications. Typically:
- "Components producers pay for certification"
- "Certifications test only against a known set of predefined scenarios"
- "Certifications are not a replacement for independant review"
Thread👇
(2/n)
In a Common Criteria Certification process (for a circuit). There are 4 actors: 1. The sponsor (SP) 2. The chip manufacturer (CM) 3. The 3rd party evaluation lab (lab) 4. The Certification body (CB)
(3/n)
Often SP and CM is the same entity, but not always.
The lab is an independant security eval entity accredited by the CB. There's no commercial relationship between lab and the CB. Regularly, the CB audits the lab to verify its skills.