Breaking ECDSA (Elliptic Curve Cryptography) - rhme2 Secure Filesystem v1.92r1 (crypto 150)
Рет қаралды 73,855
7 жыл бұрынWe are going to recover a ECDSA private key from bad signatures. Same issue the Playstation 3 had that allowed it to be hacked.
=[ 🔴 Stuff I use ]=
→ Microphone:* geni.us/ntg3b
→ Graphics tablet:* geni.us/wacom-intuos
→ Camera#1 for streaming:* geni.us/sony-camera
→ Lens for streaming:* geni.us/sony-lense
→ Connect Camera#1 to PC:* geni.us/cam-link
→ Keyboard:* geni.us/mech-keyboard
→ Old Microphone:* geni.us/mic-at2020usb
US Store Front:* www.amazon.com/shop/liveoverflow
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Website: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
=[ 📄 P.S. ]=
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF #Cryptography
@user-oj6fy8ox4k 4 жыл бұрын
“from hashlib impoer sha1” ahhh you drove me crazy right here. I wanna correct it so bad
@maulanaiskandar1058 7 жыл бұрын
Quality content as always
@RedaKassame 7 жыл бұрын
amazing! you explain very well, btw
@cronax3512 7 жыл бұрын
Gutes Video, wie immer :) Jede Woche freue ich mich auf ein neues Video von dir und ich werde nie enttäuscht. Unendlich interessante Inhalte und jemanden der es perfekt erklärt. Herzlichen Dank, deine Videos sind wahrlich eine Bereicherung.
@meksaldi 7 жыл бұрын
Very nice channel bro, it will go up for sure! :) Keep going!!!
@cyancoyote7366 7 жыл бұрын
This is mindblowing. I'm a bit late to watch this video (around 5 days late), but it's great that I found it.
@1yashacker 7 жыл бұрын
You deserve waaaay more subs than you have! Awesome videos man , keep them making! (y)
@TonelessR 7 жыл бұрын
Ha, really liked this one, wish I could have participated myself :) Thanks again for the upload, great as always
@baatar 5 жыл бұрын
Very, very nice video. I couldn't get my head around ECDSA and the use of the random number k until I saw your video. I just need to rewatch it a hundred times or so, lol.
@davidjohnston4240 2 жыл бұрын
Everything about ECDSA from the curve choices to the details of the DSA equations are suspect. Deterministic DSA/ECDSA can be done within the scope of the spec, but you would have to know to do it.
@TheMrKeksLp 5 жыл бұрын
"encryption encryption 192"
@__mk_km__ 4 жыл бұрын
"gorbachev vodka encryption" ...Would be hard to explain that search history to the FBI
@chri-k 3 жыл бұрын
@@__mk_km__ dont worry I’m just encrypting vodka
@Chrille168 7 жыл бұрын
Great video! I love the math behind elliptic curve crypto! I'm sure i wouldn't have been able to figure it out, but I can remember my lecturer emphasizing that k needed to be recalculated every time, last year at uni :D It's important to understand such a protocol before you implement it!
@davidjohnston4240 2 жыл бұрын
The main lesson is *never use DSA, ECDSA or anything of that ilk*. If you are stuck with certification requirements, sign with something else in addition to ECDSA using independent secrets.
@ankushkawnpure 6 жыл бұрын
Man that's dope!!!
@AdityaFingerstyle 4 жыл бұрын
Loved it !
@addisonwilson 7 жыл бұрын
You should put up a Patreon, I am sure many of us would love to be able to give you beer money! Awesome video as always.
@hatimhamd5246 7 жыл бұрын
can you put some ctfs please , you explain very well Keep going man
@davey_davey_dave 7 жыл бұрын
Very nice videos.
@user-cz9ss4yq4x 7 жыл бұрын
holy shit awesome
@snowwhite4457 3 жыл бұрын
love this
@arcaynlastname4072 4 жыл бұрын
i love how like the only visited link was the "conspiracy" one
@samsemp10l23 7 жыл бұрын
are you gonna make a video about wannacry?
@JGunlimited 7 жыл бұрын
From the Wiki article, "In December 2010, a group calling itself *fail0verflow* announced recovery of the ECDSA private key used by Sony to sign software for the PlayStation 3 game console." Illuminati confirmed.
@eshaan7_ 5 жыл бұрын
:O
@NateROCKS112 4 жыл бұрын
fail0verflow is a fairly well-known console hacking group
@davidjohnston4240 2 жыл бұрын
That was through nonce reuse. ECDSA is really fragile and if you take any step wrong, you are doomed. My hypothesis is that they forgot to put an RNG in the silicon. The Linux kernel they had at the time would not boot without a /dev/random service. So for a workaround to make it boot, they made a file /dev/random with some fixed data in it and the rest is history.
@a.yashwanth 4 жыл бұрын
2:41 how to get search results automatically without pressing enter?
@sewid 7 жыл бұрын
Major sticking point for me on this one was that they used SHA1 as the hash algorithm. I tried with SHA2 for way too long before trying SHA1 and solving it in seconds....
@quinj6726 6 жыл бұрын
well done! great info. but what if the "r" given is not the same? is it still possible to solve for "k" if we have different "r"?
@kevinorr54 6 жыл бұрын
Quin Noaj If r is different, than x is different (for the same order n), and if x is different, than k is different (for the same starting point G). Since n and G are things we have to agree upon before generating signatures, you can count on them bring the same here. So if k is different, this doesn't let us solve for it algebraically. So unless we know k for other reasons, we can't solve for dA
@kcwu2bee 3 жыл бұрын
So fun.
@LightTheMars 5 жыл бұрын
Getting encryption right is hard!
@zzh1996 6 жыл бұрын
why are k(0x7e0) and dA(0x2a) so small? can I just brute force them to solve the challenge?
@niter43 6 жыл бұрын
You can, but why would you do it? When you started you had no idea that author of challenge picked some small values.
@cabbarjavad6918 10 ай бұрын
Can we turn a fake private key into a real one? 1 main network address has been converted to base 38 and became a pub key. Can it be changed further? Is there any limit?
@coolstory 7 жыл бұрын
Question, lets say when this challenge site is over, can I go back and do the challenges myself?
@LiveOverflow 7 жыл бұрын
+KZfaqDude it's already over. A lot of the challenges are available here that you can put in any arduino: github.com/Riscure/Rhme-2016/tree/master/challenges/binaries But as far as I can see, not this one
@rogervanbommel1086 2 жыл бұрын
The value of K is the year of the ctf, lol
@borisbrambilla1261 7 жыл бұрын
Hello Can one break the OFW 3.56 and higher on PS3 with this method?
@LiEnby 5 жыл бұрын
no, because they fixed the ECDSA implementation on 3.56
@__mk_km__ 4 жыл бұрын
@@LiEnby Does the firmware implementation matter? It is the signing side that generates k, and the firmware would just verify the signature
@LiEnby 4 жыл бұрын
@@__mk_km__ changed the keys I beleive.
@CharlesVanNoland 7 жыл бұрын
How do people learn how to use a crypto API without also learning how to use it properly?
@LiveOverflow 7 жыл бұрын
+Charles Van Noland its a programming API. Bugs happen in every kind of program. Even if you are a security expert you will screw up
@CharlesVanNoland 7 жыл бұрын
Doh! I overlooked that this wasn't an actual filesystem but a hackme. Thanks for the upload :D
@aspiceoflife 3 жыл бұрын
I wonder what else is still out there using constant k like k cereal for breakfast
@Zooiest 5 жыл бұрын
*_got k_*
@TheSecretssocieties 6 жыл бұрын
yes try to do this with btc on a transaction number and find out the PK
@LiEnby 5 жыл бұрын
btc doesnt have a static "k"
@kressckerl 5 жыл бұрын
Fuc*ing youtube, didn't receive a message ::( (Bell is checked)
@LiveOverflow 5 жыл бұрын
This video is very old ;)
@kressckerl 5 жыл бұрын
@@LiveOverflow ohhhh shit, my bad😂, I sincerely apologize KZfaq. I guess it was a bug in some JS on youtube, when it showed in my feed it said "1 hour ago"
@idrissberchil25 4 жыл бұрын
Impoer 6:17 😩😩
@realbitcoin3152 6 жыл бұрын
need to calculate Z1*S2 -Z2*S1 how to get it....any calculator...help me pleases brooooooo
@omunculus312 4 жыл бұрын
kzfaq.info/get/bejne/pLuSa6qQmLzKpKs.html здесь подробно
@tewuzij Жыл бұрын
[5:15] "[I'm not very good in math]" Well that is alarming for a cryptographer and computer scientist in general, because math is the foundation of data processing [aka computing]. I suggest you study more math, or just watch some 3blue1brown videos instead. Even when I'm not yet an expert in either field, I understand what people need to accumulate to master it, so anyway learning math is required to learn data security Hope you can comprehend that
Cool Items Official
Рет қаралды 56 МЛН
Fullstack Academy
Рет қаралды 101 М.
LiveOverflow
Рет қаралды 111 М.
Center for Innovative Finance
Рет қаралды 7 М.
Cool Items Official
Рет қаралды 56 МЛН