A "Final" Security Bug
The paper addresses a security vulnerability affecting users of cryptographic libraries, though it is incremental: it reports a specific bug fix rather than a new method.
The paper identified a critical security bug in Google Tink's Ed25519 Java implementation that allowed remote attackers to extract private keys using only two signatures, which was discovered and fixed before release.
This article discusses a critical security bug, since fixed, in Google Tink's Ed25519 Java implementation. The bug allows remote attackers to extract the private key with only two Ed25519 signatures. The vulnerability stems from a misunderstanding of what "final" means in the Java programming language. The bug was discovered during a security review before Google Tink was officially released. It reinforces the challenge of writing safe cryptographic code and the importance of the security review process, even for code written by professional cryptographers.