Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signatures or more fully exfiltrate the other parties' private key shares.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Halborn
Published: 2023-08-09T21:00:20.582Z
Updated: 2024-08-02T15:39:36.145Z
Reserved: 2023-05-19T15:51:23.095Z
Link: CVE-2023-33241
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-09T22:15:10.323
Modified: 2023-08-25T16:14:33.433
Link: CVE-2023-33241
Redhat
No data.