Vulnerability feed

Vulnerability

CVE-2023-33242

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-33242
Description:: Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature.
Last updated date:: 08/25/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/15/2023
Reference url to background: https://github.com/d0rb/CVE-2023-33242

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/25/2023
Reference url to background: https://eprint.iacr.org/2017/552.pdf

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/25/2023
Reference url to background: https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/25/2023
Reference url to background: https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |