Interesting summary of various ways to derive the public key from digitally signed files.

Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signature, assume the signature is valid, and want to know which public key signed it? A rather delightful property if you want to attack anonymity in some proposed “everybody just uses cryptographic signatures for everything” scheme.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Fortinet Releases Security Updates for Multiple Products

March 12, 2024 0 Comments 0 tags

Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages

Read More

Online Banking Security Still Not Up to Par, Says Which?

April 25, 2024 0 Comments 0 tags

Consumer rights group Which? has found more security gaps in UK banking sites and apps

Read More

Using LLMs to Exploit Vulnerabilities

June 17, 2024 0 Comments 0 tags

Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can

Read More