Sep 02, 2025
Two Proven Countermeasures to Oracle Attacks on EdDSA
This paper describes an oracle attack on the Edwards-Curve Digital Signature Algorithm (EdDSA) that exploits unsafe signature APIs which accept arbitrary public keys. By manipulating these inputs, an adversary can forge signatures and recover secret signing values. The article stresses that applications which expose these APIs or mishandle key pairs are at risk, and it lists the affected libraries. Two mitigations are proposed: either re-deriving the public key from the private key for every signature operation, or storing the public key. By preventing key mismatches, both techniques strengthen implementation security and make EdDSA more resistant to this type of attack.
Source: HackerNoon →