From 825aa7b6b5fc76de4f92dfc3553ab2682791f3a7 Mon Sep 17 00:00:00 2001 From: "judymcconville@roadrunner.com" Date: Sun, 30 Apr 2017 18:36:35 -0700 Subject: [PATCH] Edited ch06.asciidoc with Atlas code editor --- ch06.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ch06.asciidoc b/ch06.asciidoc index 2741a29c..457a4b9b 100644 --- a/ch06.asciidoc +++ b/ch06.asciidoc @@ -672,11 +672,11 @@ The math of ECDSA is complex and difficult to understand. There are a number of ==== The Importance of Randomness in Signatures -((("transactions", "digital signatures", "randomness in")))As we saw in <>, the signature generation algorithm uses a random key _k_, as the basis for an ephemeral private/public key pair. The value of _k_ is not important, _as long as it is random_. Specifically, if the same value _k_ is used to produce two signatures on different messages (transactions), then the signing private key can be calculated by anyone. Re-use of the same value for _k_ in a signature algorithm leads to exposure of the private key! +((("transactions", "digital signatures", "randomness in")))((("digital signatures", "randomness in")))As we saw in <>, the signature generation algorithm uses a random key _k_, as the basis for an ephemeral private/public key pair. The value of _k_ is not important, _as long as it is random_. Specifically, if the same value _k_ is used to produce two signatures on different messages (transactions), then the signing private key can be calculated by anyone. Re-use of the same value for _k_ in a signature algorithm leads to exposure of the private key! [WARNING] ==== -If the same value _k_ is used in the signing algorithm on two different transactions, the private key can be calculated and exposed to the world! +((("warning and cautions", "digital signatures")))If the same value _k_ is used in the signing algorithm on two different transactions, the private key can be calculated and exposed to the world! ==== This is not just a theoretical possibility. We have seen this issue lead to exposure of private keys in a few different implementations of transaction signing algorithms in bitcoin. People have had funds stolen because of inadvertent re-use of a _k_ value. The most common reason for re-use of a _k_ value is an improperly initialized random-number generator.