Explore the humorous yet critical role of zero in cryptography through this 27-minute Black Hat conference talk. Delve into crypto bugs found in four BLS signatures' libraries, including ethereum/py ecc, supranational/blst, herumi/bls, and sigp/milagro bls, all centered around the number zero. Learn about the innovative "splitting zero" attacks that expose vulnerabilities in the proof-of-possession aggregate signature scheme standardized in BLS RFC draft v4. Discover the implications of these findings, which led to $35,000 in bug bounties from the Eth2 program. Gain insights into signature verification, elliptic curves, pairing properties, and BLS signatures. Examine the concept of zero public keys and their impact on BLS aggregate signatures. Witness a demo of consensus bugs and grasp the far-reaching consequences of these cryptographic vulnerabilities.
Overview
Syllabus
Intro
Agenda
Terminology
Signature Verification
Zero
Aggregate Signature
elliptic curve
addition operations
pairing
pairing properties
BLS signature
VerifyingBLS signature
Zero public key
BLS aggregate signature
Fast aggregate verify
Demo
Consensus Bug
Conclusion
Taught by
Black Hat
