登录
当前位置: 首页 > 软件库 > Web3 > 区块链 >

ecdsa-private-key-recovery

授权协议 GPL-2.0 License
开发语言
所属分类 Web3、 区块链
软件类型 开源软件
地区 不详
投 递 者 李浩邈
操作系统 跨平台
开源组织
适用人群 未知
软件官网
软件文档
官方下载
安全指数
 软件概览

ecdsa-key-recovery

Pperform ECDSA and DSA Nonce Reuse private key recovery attacks

This is kind of an improved version of the DSA only variant from https://github.com/tintinweb/DSAregenK

Let's recover the private-key for two signatures sharing the same nonce k. Note how chosing the same nonce k results in both signatures having an identical signature value r. To find good candidates for an ECDSA nonce reuse check for signatures sharing the same r, pubkey on curve for different messages (or hashes). E.g. blockchain projects based off bitcoind are usually good sources of ECDSA signature material.

  • sampleA (r, sA, hashA, pubkey, curve)
  • sampleB (r, sB, hashB, pubkey, curve)
sampleA = EcDsaSignature(r, sA, hashA, pubkey, curve)
sampleB = EcDsaSignature(r, sB, hashB, pubkey, curve) # same privkey as sampleA, identical r due to nonce reuse k.

# recover the private key
sampleA.recover_nonce_reuse(sampleB)  # populates sampleA with the recovered private key ready for use
print sampleA.privkey

setup

#> virtualenv -p python2.7 .env27
#> . .env27/bin/activate
(.env27) #> python setup.py install
(.env27) #> python tests/test_ecdsa_key_recovery.py

Recovering Private Keys from the Bitcoin Blockchain

tools/README.md

BTC Address Base58 Privkey r
1A8TY7dxURcsRtPBs7fP6bDVzAgpgP4962 5JsYaHVGCUzuXaQ5VkaA21VFPJFuArRWfSB77sqzWkWuTMMjXsT 113563387324078878147267949860139475116142082788494055785668341901521289846519
1A8TY7dxURcsRtPBs7fP6bDVzAgpgP4962 5JsYaHVGCUzuXaQ5VkaA21VFPJFuArRWfSB77sqzWkWuTMMjXsT 18380471981355278106073484610981598768079378179376623360720556873242139981984
1C8x2hqqgE2b3TZPQcFgas73xYWNh6TK9W 5JKkG6KXLCCPXN9m29ype6My7eR4AnCLaHKYrLvn6d3nd8BLjjw 19682383735358733565748628081379024202682929012377912380310432818686294127462
1A8TY7dxURcsRtPBs7fP6bDVzAgpgP4962 5JsYaHVGCUzuXaQ5VkaA21VFPJFuArRWfSB77sqzWkWuTMMjXsT 6828441658514710620715231245132541628903431519484374098968817647395811175535

Example

create recoverable signature objects:

from ecdsa_key_recovery import DsaSignature, EcDsaSignature

# specify curve
curve = ecdsa.SECP256k1

# create standard ecdsa pubkey object from hex-encoded string
pub = ecdsa.VerifyingKey.from_string(
        "a50eb66887d03fe186b608f477d99bc7631c56e64bb3af7dc97e71b917c5b3647954da3444d33b8d1f90a0d7168b2f158a2c96db46733286619fccaafbaca6bc".decode(
            "hex"), curve=curve).pubkey
            
# create sampleA and sampleB recoverable signature objects.
# long r, long s, bytestr hash, pubkey obj.
sampleA = EcDsaSignature((3791300999159503489677918361931161866594575396347524089635269728181147153565,   #r
                          49278124892733989732191499899232294894006923837369646645433456321810805698952), #s
                         bignum_to_hex(
                             765305792208265383632692154455217324493836948492122104105982244897804317926).decode(
                             "hex"),
                         pub)
sampleB = EcDsaSignature((3791300999159503489677918361931161866594575396347524089635269728181147153565,   #r
                          34219161137924321997544914393542829576622483871868414202725846673961120333282), #s'
                         bignum_to_hex(
                             23350593486085962838556474743103510803442242293209938584974526279226240784097).decode(
                             "hex"),
                         pub)
                         
# key not yet recovered
assert (sampleA.x is None)

recover the private key for sampleA

# attempt to recover key - this updated object sampleA
sampleA.recover_nonce_reuse(sampleB)    # recover privatekey shared with sampleB
assert (sampleA.x is not None)          # assert privkey recovery succeeded. This gives us a ready to use ECDSA privkey object
assert sampleA.privkey

output

INFO:__main__:------------EcDSA------------
DEBUG:__main__:<EcDsaSignature 0x2c7a61 sig=(3791300999…,4927812489…) public=✔ private=⨯ > - recovering private-key from nonce reuse ...
DEBUG:__main__:<EcDsaSignature 0x2c7a61 sig=(3791300999…,4927812489…) public=✔ private=✔ > - Private key recovered!
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIOdzzzX85WfQYiIDwo9nR4ozYbrn5utDZrUOHSfrHtguoAcGBSuBBAAK
oUQDQgAEpQ62aIfQP+GGtgj0d9mbx2McVuZLs699yX5xuRfFs2R5VNo0RNM7jR+Q
oNcWiy8ViiyW20ZzMoZhn8yq+6ymvA==
-----END EC PRIVATE KEY-----

DEBUG:__main__:<EcDsaSignature 0x2c7a5b sig=(3791300999…,4927812489…) public=✔ private=⨯ > - recovering private-key from nonce reuse ...
DEBUG:__main__:<EcDsaSignature 0x2c7a5b sig=(3791300999…,4927812489…) public=✔ private=✔ > - Private key recovered!
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIOdzzzX85WfQYiIDwo9nR4ozYbrn5utDZrUOHSfrHtguoAcGBSuBBAAK
oUQDQgAEpQ62aIfQP+GGtgj0d9mbx2McVuZLs699yX5xuRfFs2R5VNo0RNM7jR+Q
oNcWiy8ViiyW20ZzMoZhn8yq+6ymvA==
-----END EC PRIVATE KEY-----

INFO:__main__:------------DSA------------
DEBUG:__main__:generated sample signatures: (('\x96.\xed\x06?Tx\x87\x96\xc0Jxe\xc1\xb7\xa0}\xbaSl', (962114315288785318297754502373467834746102876259L, 152066227943132308247866282041325280216845090990L), <_DSAobj @0x2c49a80 y,g,p(1024),q>), ('\xf2\x9a\x9a\x81\xa8\x1b\x071Z1\xe28\xd3\x993\xff\xc7[b\xab', (962114315288785318297754502373467834746102876259L, 357089477795349418794190243474458899186606359757L), <_DSAobj @0x2c788f0 y,g,p(1024),q>))
DEBUG:__main__:Signature Objects: [<DsaSignature 0x2c7a5b sig=(9621143152…,1520662279…) public=✔ private=⨯ >, <DsaSignature 0x2c7a3f sig=(9621143152…,3570894777…) public=✔ private=⨯ >]
DEBUG:__main__:<DsaSignature 0x2c7a5b sig=(9621143152…,1520662279…) public=✔ private=⨯ > - recovering privatekey from nonce reuse...
DEBUG:__main__:<DsaSignature 0x2c7a5b sig=(9621143152…,1520662279…) public=✔ private=✔ > - Private key recovered!
-----BEGIN PRIVATE KEY-----
MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBAIAAAAAAAAAA8tZboZpqrRAwKtK0
mXxwct7Es1BBih3HheeLBMOHCqPlwJmfUA8kBZQZzu3V+at5IWlRi0fTikvNWuqN
GLqMkf0kqXOhzP8/hD7B/CUF1YedzGKqC2BfhX/RON+CD/mFi35As8G73O29GCUl
qMd0KYhHHtBvVPiLAhUA/5r9a94k/9/mHVub1U0WrAJv2B8CgYARyESPcKSpBEoT
nXlMrX1M71RySJL5nrqUKpFTFRSoIwX5sj7ZRfKSqbf2umwSu8LfCEOZ2qKu0+jp
+bUC0oihSjaVCrADZykPr67k9mt56xx1wP4vUJJNfM3Wkty5xsI3JtUFbQ5EzFAt
JhLRWxOqcGEm35ZPQ4ao1qZsIsSVCQQWAhRqVNUTHGUaRRA5lXlmN4sw9glosQ==
-----END PRIVATE KEY-----
DEBUG:__main__:generated sample signatures: (('\x96.\xed\x06?Tx\x87\x96\xc0Jxe\xc1\xb7\xa0}\xbaSl', (921214889680762780870505834724573810649257487648L, 1206590109737383111438209532388130932310558452933L), <_DSAobj @0x2c78cd8 y,g,p(1024),q>), ('\xf2\x9a\x9a\x81\xa8\x1b\x071Z1\xe28\xd3\x993\xff\xc7[b\xab', (921214889680762780870505834724573810649257487648L, 254170456806936279470958328275930254179957847437L), <_DSAobj @0x2c788f0 y,g,p(1024),q>))
DEBUG:__main__:Signature Objects: [<DsaSignature 0x2c7a83 sig=(9212148896…,1206590109…) public=✔ private=⨯ >, <DsaSignature 0x2c7a61 sig=(9212148896…,2541704568…) public=✔ private=⨯ >]
DEBUG:__main__:<DsaSignature 0x2c7a83 sig=(9212148896…,1206590109…) public=✔ private=⨯ > - recovering privatekey from nonce reuse...
DEBUG:__main__:<DsaSignature 0x2c7a83 sig=(9212148896…,1206590109…) public=✔ private=✔ > - Private key recovered!
-----BEGIN PRIVATE KEY-----
MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIAAAAAAAAAARApDBH1CEeZPeIM9
mMb6l3FyY8+AOy+cdiDzCaqlkIRVIRRxvnCH5oJ6gkinosGscZMTgF7IwQJzDHFm
oxvVdpACrj5Je+kpF6djefAbe+ByZ4FowkGq1EdMZF8aZzsik3CFkEA/vDsjvAsg
XmKRvOnFHkkFuKCRAhUA/+rcmBQ71NBsDzkbusi6NQpTNF8CgYAFVt8xSXTiCGn8
+bqWyoX+gjItArrT28o6fGnq+apjwasvWDHq1FETk/gwqTbTwWTiMo2eOTImRKDF
MbK1us+DjhloAUuhL6nCRQhsLs4Jq+8A/y7aol/HjCz1fHRKKDD9wqKDf2kWdI97
Kb2Hq4AUoJWTCT0ijX+oQJafbywjdwQXAhUAniK/kyRv/SFd1uJjuDMh0EntMws=
-----END PRIVATE KEY-----

The library is written in a way that it tries to upgrade pubkey only ecdsa objects to private key enabled ecdsa objects upon successful recovery. This makes it easy to work with recovered key objects. The library performs both ECDSA and DSA key recovery.

 使用案例
 相关资料
  • @private

    描述: 标记为私有。 语法 使用JSDoc标签字典(默认启用): @private 使用Closure Compiler标签字典: @private [{typeExpression}] 概述 @private标签标记标识符为私有,或者不昨一般用途使用。私有成员不会在生成文档中输出任何内容,除非JSDoc使用 -p/--private 命令行选项运行。在JSDoc3.3.0或更高版本中,您还可以使

  • ecdsa

    import "crypto/ecdsa" ecdsa包实现了椭圆曲线数字签名算法,参见FIPS 186-3。 type PublicKey type PrivateKey func GenerateKey(c elliptic.Curve, rand io.Reader) (priv *PrivateKey, err error) func Sign(rand io.Reader, priv *

  • Private Detector

    Private Detector 是 Bumble 开源的图像检测模型,可以用于检测色情图片。内部版本已经进行了大量的重构,并作为一个完全开源的项目发布,以允许更广泛的社区使用和微调他们自己的 Private Detector 模型。你可以下载预训练的 SavedModel 模型。 模型: SavedModel 模型可以在 private_detector.zip 中的 save_model/ 目

  • Private 属性

    本主题中的某些内容可能不适用于某些语言。 返回或设置一个标识“Office 助手”气球(该气球将初始化回调过程)的整数。Long 类型,可读写。 说明 用该属性可在一个以上的气球中调用相同的回调过程。 示例 本示例可实现的功能为:将Private 属性值设置为 129,以标识“Office 助手”气球。 Set printerOrientation = Assistant.NewBalloon W

  • 私信(Private Messages)

    消息传递系统允许向Joomla的后端用户发送消息。 您可以发送,读取,写入和删除消息。 Step (1) - 您可以创建新的私人消息,如下面的屏幕所示。 转到Components → Messaging → New Private Message以编写新的私人消息。 Step (2) - 当您打开新私人消息时,您将看到以下屏幕。 您可以通过单击“选择用户”按钮来选择“收件人”。 在“主题”字段中输

  • Deploying a Private Server

    Deploying a Private Burp Collaborator Server By default, Burp uses the public Collaborator Server provided by PortSwigger, and this option may be suitable for many purposes. See the main Burp Collabor

同类工具

IONPlatONEddnblockchain_golangbitcoin-on-nodejsExonumHyperledger Fabrichero-node

相关阅读

MySQL-创建表时一起使用时,“ PRIMARY KEY”,“ UNIQUE KEY”和“ KEY”的含义Python-为什么用dict.get(key)而不是dict [key]?java private关键字用法实例INT PRIMARY KEY和INTEGER PRIMARY KEY SQLite之间的区别什么是key = lambda

相关文章

Redis 的大 Key 对持久化的影响Redis的数据类型详解和使用:key、String类型

相关问答

用BouncyCastle验证ECDSA签名如何将PublicKey用于ECDsaDER 解码 ECDSA Java 签名验证ECDSA P-256签名OpenSSL ECDSA 签名有效性

相关文档

快捷导航: 新手教程 算法原理 架构设计 Java进阶 数据库进阶 大厂专栏 面试经验 编程笔记 编程问答 所有专题 文档资料 工具软件 电子书籍 小牛导航
在线工具: 房贷计算器 个税计算器 Linux命令查询 Json格式化 正则表达式 颜色转换 AES加解密 SHA1加密 MD5加密 毒鸡汤 字数统计 随机密码生成 进制转换 Base64编解码 励志句子
Copyright © 2019-2024 小牛知识库@xnip.cn. All Rights Reserved.