raw_avocado on Nostr: One very important clarification! This particular attack actually "encodes the secret ...
One very important clarification!
This particular attack actually "encodes the secret key into low entropy secret nonces and uses them in signing", so it's not just grinding the nonces.
What does this mean?
In the "classical" nonce-attack you either need a LOT of computer power or a LOT of signatures, which makes it harder to pull off.
In this variant above they reduced this to only 2 signatures (for 12 words, 4 for 24 words) vs ~64 signatures for the classical attack.
(again a lot of caveats I'm hand waving :p)
which is a great improvement and way easier to pull off and requires fewer steps to be taken by the person being attacked.
Source: https://darkskippy.com/taxonomy.htm