YoVDO

Zero - The Funniest Number in Cryptography

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Cryptography Courses Cryptographic Vulnerabilities Courses

Course Description

Overview

Explore the humorous yet critical role of zero in cryptography through this 27-minute Black Hat conference talk. Delve into crypto bugs found in four BLS signatures' libraries, including ethereum/py ecc, supranational/blst, herumi/bls, and sigp/milagro bls, all centered around the number zero. Learn about the innovative "splitting zero" attacks that expose vulnerabilities in the proof-of-possession aggregate signature scheme standardized in BLS RFC draft v4. Discover the implications of these findings, which led to $35,000 in bug bounties from the Eth2 program. Gain insights into signature verification, elliptic curves, pairing properties, and BLS signatures. Examine the concept of zero public keys and their impact on BLS aggregate signatures. Witness a demo of consensus bugs and grasp the far-reaching consequences of these cryptographic vulnerabilities.

Syllabus

Intro
Agenda
Terminology
Signature Verification
Zero
Aggregate Signature
elliptic curve
addition operations
pairing
pairing properties
BLS signature
VerifyingBLS signature
Zero public key
BLS aggregate signature
Fast aggregate verify
Demo
Consensus Bug
Conclusion


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network