This tool, written in Ruby, allows to guess the private key of the ECDSA when there is a flaw into the signature function. In particular, if the value k of this function is not random and it is used more then one time, the private key can be retrieved.
S = k^-1 (z + dA *R)
- S = Signature
- k = Random number
- z = Message hash
- dA = Private key
- R = Group
If you want go deeper, I suggest you to read this.
This tool uses ecdsa library and can be installed with:
gem install ecdsa
You need to edit 4 variables before running the script:
msghash1_hex
andmsghash2_hex
are the SHA2 hashes of the plaintext.sig1_base64
andsig2_base64
are the signatures of the messages encoded in base64.group
is the elliptic curve group
Thanks to DavidEGrayson for his ruby_ecdsa repository where I found some code snippets and other useful things for this script.