I apologise for lack of content on this blog recently. I need to give some people a kick, so they start writing. In the meantime, here is some old “news”.
I am often asked: Can you name some commercial products which use ECC?
I usually answer: I don’t know.
But I know something: Sony uses ECDSA (elliptic curve digital signatures) for the playstation 3 as a way to authenticate software.
Unless you’ve been living under a rock, you will already know that Sony did not implement ECDSA properly (from what I have read, Sony used a fixed value in place of one that was supposed to be random for all signatures, leading to a standard textbook key-recovery attack). As a result, some hackers posted the private key for the signature scheme. Sony are responding in the expected way.
— Steven Galbraith