Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Merits 3 from 1 user
Re: Can two signatures be identical?
by
waxwing
on 06/05/2016, 11:47:08 UTC
⭐ Merited by ABCbits (3)
Quote from: bob123 on May 06, 2016, 08:55:44 AM
Quote from: 2c0de on May 05, 2016, 12:41:05 PM
Quote from: hhanh00 on May 05, 2016, 08:57:35 AM
Just to be clear, that's in addition to having the same message and private key,  right?

reusal of address(privkey) and the random parameter k can cause trouble

Can you explain this more?
What kind of trouble?

Reusing the same nonce value (hence same k value) on two different signatures (ie. different messages) signed with the same private key, leaks the private key. This has happened in Bitcoin due to bad nonce generation code, and quite a few times, and has led to loss of funds.

The wikipedia page on ECDSA explains the algebra; it's a very simple calculation to do.