A Novel Related Nonce Attack for ECDSA

We describe a new related nonce attack able to extract the original signing key from a small collection of ECDSA signatures generated with weak PRNGs. Under suitable conditions on the modulo order of the PRNG, we are able to attack linear, quadratic, cubic as well as arbitrary degree recurrence relations (with unknown coefficients) with few signatures and in negligible time. We also show that for any collection of randomly generated ECDSA nonces, there is one more nonce that can be added following the implicit recurrence relation, and that would allow retrieval of the private key; we exploit this fact to present a novel rogue nonce attack against ECDSA. Up to our knowledge, this is the first known attack exploiting generic and unknown high-degree algebraic relations between nonces that do not require assumptions on the value of single bits or bit sequences (e.g. prefixes and suffixes).

RFC 6979-only ECDSA implementations, please. (Or deterministic signatures with noise, modulo patent issues.)
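RFC 6979 removes the PRNG from the picture entirely: the nonce is an HMAC-DRBG output keyed by the private key and the message hash, so no recurrence relation between successive nonces exists for an attack like the one above to exploit. The following is an added example, not code from the paper or this post, implementing the RFC 6979 nonce derivation for P-256 with SHA-256 and checking it against the RFC's own appendix A.2.5 test vector:

```python
import hashlib
import hmac

# NIST P-256 group order (RFC 6979's q). The key and expected k below are the
# RFC 6979 appendix A.2.5 test vector for SHA-256 and message "sample".
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
RFC_A25_PRIV = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721
RFC_A25_K = 0xA6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60


def _bits2int(b: bytes, qlen: int) -> int:
    """RFC 6979 2.3.2: big-endian integer from the leftmost qlen bits of b."""
    v = int.from_bytes(b, "big")
    blen = len(b) * 8
    return v >> (blen - qlen) if blen > qlen else v


def _int2octets(v: int, qlen: int) -> bytes:
    """RFC 6979 2.3.3: v as a big-endian string of ceil(qlen/8) octets."""
    return v.to_bytes((qlen + 7) // 8, "big")


def rfc6979_nonce(priv: int, msg: bytes, q: int = P256_ORDER, hashfn=hashlib.sha256) -> int:
    """RFC 6979 3.2: derive k from (x, H(m)) via HMAC_DRBG, no external randomness."""
    qlen = q.bit_length()
    h1 = hashfn(msg).digest()
    x = _int2octets(priv, qlen)
    hq = _int2octets(_bits2int(h1, qlen) % q, qlen)  # bits2octets(h1)
    hlen = hashfn().digest_size
    V = b"\x01" * hlen                                      # step b
    K = b"\x00" * hlen                                      # step c
    K = hmac.new(K, V + b"\x00" + x + hq, hashfn).digest()  # step d
    V = hmac.new(K, V, hashfn).digest()                     # step e
    K = hmac.new(K, V + b"\x01" + x + hq, hashfn).digest()  # step f
    V = hmac.new(K, V, hashfn).digest()                     # step g
    while True:                                             # step h
        T = b""
        while len(T) * 8 < qlen:
            V = hmac.new(K, V, hashfn).digest()
            T += V
        k = _bits2int(T, qlen)
        if 1 <= k < q:
            return k
        # candidate out of [1, q-1]: rekey and try again (rare for a 256-bit q)
        K = hmac.new(K, V + b"\x00", hashfn).digest()
        V = hmac.new(K, V, hashfn).digest()


def matches_rfc_vector() -> bool:
    """Same key and message always yield the same k; compare with A.2.5."""
    return rfc6979_nonce(RFC_A25_PRIV, b"sample") == RFC_A25_K
```

Because k depends only on the key and the message, two signatures on the same message reuse the same nonce by design, which is harmless, while distinct messages yield nonces with no algebraic relation a weak PRNG would impose.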

Normalizing crash risk of partially automated vehicles under sparse data (pre-print)

By correcting for roadway usage differences between the Autopilot and active safety only data, much of the crash reduction seen by vehicles using Autopilot appears to be explained by lower crash rates experienced on freeways. While the raw crash rate shows an average 43% reduction in crash rate for Autopilot compared to active safety only, this improvement is only 10% after controlling for different rates of freeway driving. Correcting for age demographics likewise produced an 11% increase in the estimated crash rate.

The Impotence of Being Clever

The flâneur, the detective, and the comedian are precursors of the practitioners of the online cleverness that has become such a nuisance today. The Internet is a spaceless airport. Like passengers in an airport, its users are fundamentally idlers. They occupy themselves with browsing—both the objects available for consumption and their fellow consumers. They are placed in a similar but even more extreme position of impotent omnipotence. The world is at their feet, but they cannot really act in it except to pose and acquire. At the same time, the Internet enables control of people’s movements and desires in a way the airport could only dream of. All this naturally prompts a desire to wrest back some semblance of control.