In December 2010, a group calling itself fail0verflow announced recovery of the ECDSA private key used by Sony to sign software for the PlayStation 3 game console. However, this attack only worked because Sony did not properly implement the algorithm: k was static instead of random. As pointed out in the Signature generation algorithm section above, this makes d_A solvable and the entire algorithm useless.
On March 29, 2011, two researchers published an IACR paper demonstrating that it is possible to retrieve a TLS private key of a server using OpenSSL that authenticates with Elliptic Curves DSA over a binary field via a timing attack. The vulnerability was fixed in OpenSSL 1.0.0e.
In August 2013, it was revealed that bugs in some implementations of the Java class SecureRandom sometimes generated collisions in the k value. As discussed above, this allowed solution of the private key, in turn allowing stealing bitcoins from the containing wallet on Android app implementations, which use Java and rely on ECDSA to authenticate transactions.
This issue can be prevented by deterministic generation of k, as described by RFC 6979.
Considering this, I know Bitcoin secures wallets using ECDSA. If I am wrong, does this make the algorithms based on an improperly implemented algorithm cause things to be solvable? I'm sure this is a noob question, though someone may also know immediately if this is solved, where the input is so random that no one can predictably attempt a solution?
If so, please share that data with us. I know at least one person who could use that data.