On Wed, Mar 5, 2014 at 11:39 AM, Peter Todd <p...@petertodd.org> wrote: > If you're following good practices you're not particularly vulneable to > it, if at all, even if you make use of shared hosting. First of all you > shouldn't be re-using addresses, which means you won't be passing that > ~200 sig threshold. > > More important though is you shouldn't be using single factor Bitcoin > addresses. Use n-of-m multisig instead and architect your system such
Both of these things have long been promoted as virtuous in part because they increase robustness against this sort of thing. But while I don't disagree with these things the reality is that many people do not follow either of these piece of advice and following them requires behavioral changes that will not be adopted quickly... so I don't think that advice is especially useful. And even if it were—, good security involves defense in depth, so adding on top of them things like side-channel resistant signing is important. I haven't had a chance to sit down and think through it completely but I believe oleganza's recent blind signature scheme for ECDSA may be helpful (http://oleganza.com/blind-ecdsa-draft-v2.pdf): The idea is that instead of (or in addition to— belt and suspenders) making the signing constant time, you use the blinding scheme to first locally blind the private key and point being signed, then sign, then unblind. This way even if you are reusing a key every signing operation is handling different private data... and the only point where unblinded private data is handled is a simple scalar addition. ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
