Author: Lloyd Fournier 2020-03-22 05:51:59
Published on: 2020-03-22T05:51:59+00:00
The discussion concerns protection against differential power analysis, a method of extracting sensitive information from cryptographic systems by analyzing their power consumption. The traditional way of mixing in randomness was found to be vulnerable, so a different approach is used: completely masking the private key with randomness before continuing. The writer suggests that citing this method in the specification would be beneficial. They also question whether hardware wallets are vulnerable to these attacks during key derivation: if side-channel information can be obtained from the hashes in nonce derivation, it can be obtained from the hashes in HD key derivation as well, and that might be easier, since the master seed is hashed for all necessary hardware device operations, including signing.
Updated on: 2023-06-13T23:40:08.443127+00:00
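
The masking step summarized above, as an added example that is not code from the post or from the specification. It assumes the specification in question is BIP340 and follows that document's nonce derivation (tags `BIP0340/aux` and `BIP0340/nonce`). Further assumptions: the secret key is already normalized for an even-y public key, and the x-only public key is passed in as bytes because the block does no curve arithmetic.

```python
import hashlib
import secrets

# Order of the secp256k1 group.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def tagged_hash(tag: str, msg: bytes) -> bytes:
    """BIP340 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || msg)."""
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + msg).digest()


def mask_key(seckey: bytes, aux_rand: bytes) -> bytes:
    """XOR the secret key with a hash of fresh randomness (the mask)."""
    if len(seckey) != 32 or len(aux_rand) != 32:
        raise ValueError("seckey and aux_rand must be 32 bytes each")
    mask = tagged_hash("BIP0340/aux", aux_rand)
    return bytes(a ^ b for a, b in zip(seckey, mask))


def derive_nonce(seckey: bytes, pubkey_x: bytes, msg: bytes,
                 aux_rand: bytes) -> int:
    """Derive the signing nonce; only the masked key is fed to the hash."""
    if len(pubkey_x) != 32:
        raise ValueError("pubkey_x must be 32 bytes")
    t = mask_key(seckey, aux_rand)  # the raw key never enters SHA256
    rand = tagged_hash("BIP0340/nonce", t + pubkey_x + msg)
    k = int.from_bytes(rand, "big") % N
    if k == 0:
        raise ValueError("zero nonce; retry with new aux_rand")
    return k


# Constructed sample inputs (illustrative only, not real wallet material).
SECKEY = (3).to_bytes(32, "big")
PUBKEY_X = bytes(range(32))  # placeholder bytes, not derived from SECKEY
MSG = hashlib.sha256(b"constructed sample message").digest()

if __name__ == "__main__":
    # Two signatures over the same message see different masked keys, so
    # the secret-dependent hash input changes on every signing operation.
    for _ in range(2):
        aux = secrets.token_bytes(32)
        print(mask_key(SECKEY, aux).hex(),
              hex(derive_nonce(SECKEY, PUBKEY_X, MSG, aux)))
```
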