@isogenies @durumcrustulum I have totally done that too. I don't want to think how deep the recursion currently is :S
English
Paul Bottinelli
29 posts
Paul Bottinelli
@paulbottinelli
Cryptography @ Trail of Bits
Waterloo, Ontario Katılım Eylül 2009
177 Takip Edilen90 Takipçiler
@durumcrustulum This feels like when I clean up my desktop by moving everything into a new directory called “old desktop” haha
English
Just closed a bunch of tabs by adding them to Paperpile 😅
English
@fasterthanlime @rivovasta It has! Long gone are our university days, studying together in the dark corridors of EPFL.. I'm doing quite well, currently living in Canada and enjoying the fall colours here. I hope you're doing well too!
English
@fasterthanlime And appreciating @rivovasta's meme game 😆
English
@fasterthanlime It me! Light Twitter user enjoying your content 😋
English
In a few hours I'll be presenting some fun crypto vulnerabilities at @CryptoModConf. Come to my talk if you're around!
ICMC@CryptoModConf
ICMC22, 14-16 Sep, welcomes Paul Bottinelli, Principal Security Consultant, Cryptography Services, @NCCGroupplc Canada, presenting: Selected Cryptography Vulnerabilities of IoT Implementations, icmconference.org #encryption #validation #cryptography #quantum #FIPS140
English
@CryptoHack__ Here's mine, using your convenient script:
username: paulbottinelli
hash: 201eb16d28a9a61d9b2975eba59d889884b9347554fe731e0585fdc96c45474c
Cheers ;)
English
🧩To celebrate reaching 5000 followers, here's a little puzzle for you all🧩
Using only public data, can you find a way to sign a message which the below code will verify?
English
Last week, I came across a vulnerability in a few ECDSA libraries, allowing attackers to forge signatures for arbitrary messages. The vulns were assigned CVE-2021-43568 to 43572, and deemed critical. A first for me!
NCC Group Research & Technology@NCCGroupInfosec
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries, by Paul Bottinelli research.nccgroup.com/2021/11/08/tec…
English
Paul Bottinelli retweetledi
Arbitrary Signature Forgery in Stark Bank ECDSA Libraries research.nccgroup.com/2021/11/08/tec…
English
@master_mitch @NCCGroupInfosec Yes, that is absolutely correct and was passed along as a recommendation to the devs during the disclosure. That second check should also have prevented the forgery described.
English
@NCCGroupInfosec The advisory says the first check is missing.
Isn't the second check (third bulletpoint) missing as well?
-> "return Invalid if (x, y) is the point at infinity"
English
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries, by Paul Bottinelli
research.nccgroup.com/2021/11/08/tec…
English
Paul Bottinelli retweetledi
My colleague just published this finding, which feels just like an (easy) CTF challenge in the wild!
Never trust user input (and handle errors when looking at modular inverses!)!
research.nccgroup.com/2021/11/08/tec…
English
Paul Bottinelli retweetledi
Great work here by @paulbottinelli from NCC Group's Cryptography Services practice..
..you know, like the node package manager reports around 16k weekly downloads for the ecdsa-node implementation while the Python implementation boasts over 7.3M downloads in the last 90 days..
NCC Group Research & Technology@NCCGroupInfosec
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries, by Paul Bottinelli research.nccgroup.com/2021/11/08/tec…
English
Last week, we published our Public Report on the security review of the Google One VPN. Thrilled to have been involved in this exciting project!
NCC Group Research & Technology@NCCGroupInfosec
Yesterday we published our Public Report on the VPN by Google One system, assessing the product's technical security properties and its associated privacy claims: research.nccgroup.com/2021/04/08/pub…
English
@AnomalRoil There is a small mistake in the decomposition of the following: pq=kp+p+q−1
You wrote: "Which we can simplify in pq=k(p+1)+q−1"
But it should be: pq=p(k+1)+q−1
English
Great blog post by my colleague @gerald_doussot on using Z3 to reason about cryptographic algorithm:
NCC Group Research & Technology@NCCGroupInfosec
Today on the blog, @gerald_doussot provides a technical introduction on how to leverage the Z3 Theorem Prover to reason about the correctness of cryptographic software, using it to analyze aspects of QUIC and elliptic curve finite field arithmetic research.nccgroup.com/2021/01/29/sof…
English
My @NCCCrypto colleagues and I attended RWC 2021 (virtual edition) and compiled thoughts and summaries from some of our favorite talks.
NCC Group North America InfoSec@NCCsecurityUS
New Blog Post: Real World Cryptography Conference 2021: A Virtual Experience research.nccgroup.com/2021/01/27/rea…
English
Paul Bottinelli retweetledi
New Blog: Double-odd Elliptic Curves research.nccgroup.com/2021/01/06/dou…
English
Fantastic work by my colleague Thomas Pornin! Double-odd elliptic curves: eprint.iacr.org/2020/1558
English
Paul Bottinelli retweetledi
Public Report - Filecoin Bellman/BLS Signatures Cryptographic Review for @protocollabs
research.nccgroup.com/2020/10/21/pub…
English
Paul Bottinelli retweetledi
New Public Report - NU4 Cryptographic Specification and Implementation Review for @ElectricCoinCo
research.nccgroup.com/2020/09/04/pub…
English