lattice attacks finished

ecdsa.py

@@ -214,4 +214,60 @@ def construct(self):
 
         self.next_slide()
         self.play(GrowArrow(shortest_vector))
-        self.play(FadeOut(r), FadeOut(h))
+        self.play(FadeOut(r), FadeOut(h))
+
+class LLLMatrixScene(Slide):
+
+    def construct(self):
+        title = Text("Lenstra-Lenstra-Lovász (LLL) algorithm").move_to(3*UP)
+        basis = Matrix(np.transpose([
+            ["q", "0"],
+            ["0", "q"],
+            ["h_1'", "h_2'"],
+            ["r_1'", "r_2'"]
+        ])).set_color(YELLOW)
+        h_prime = Tex("$h' \equiv s^{-1} * h \ (\mathrm{mod}\ q)$").scale(0.75).move_to(2*UP)
+        r_prime = Tex("$r' \equiv s^{-1} * r \ (\mathrm{mod}\ q)$").scale(0.75).next_to(h_prime, DOWN)
+
+        self.play(Write(title), Write(h_prime), Write(r_prime), FadeIn(basis.get_brackets()))
+        self.play(LaggedStartMap(FadeIn, basis.get_columns(), shift=0.5 * DOWN, lag_ratio=0.25))
+
+        arr = Arrow(start=DOWN, end=2*DOWN).scale(1.5)
+
+        self.play(GrowArrow(arr))
+
+        reduced_basis = Matrix(np.transpose([
+            ["k_1", "k_2"],
+            ["?", "?"],
+            ["?", "?"],
+            ["?", "?"]
+        ])).set_color(YELLOW).next_to(arr, DOWN)
+
+        self.play(FadeIn(reduced_basis.get_brackets()), LaggedStartMap(FadeIn, reduced_basis.get_columns(), shift=0.5 * DOWN, lag_ratio=0.25))
+
+        self.next_slide()
+
+        self.play(
+            FadeOut(basis.get_brackets(), shift=DOWN), 
+            LaggedStartMap(FadeOut, basis.get_columns(), shift=0.5 * DOWN, lag_ratio=0.1),
+            FadeOut(reduced_basis.get_brackets(), shift=DOWN), 
+            LaggedStartMap(FadeOut, reduced_basis.get_columns(), shift=0.5 * DOWN, lag_ratio=0.1),
+            FadeOut(h_prime, shift=DOWN), FadeOut(r_prime, shift=DOWN),
+            FadeOut(arr)
+        )
+
+        msb_attack = ImageMobject("ecdsa_examples/msb_attack_code.png").scale(1.15).next_to(title, DOWN)
+        self.play(FadeIn(msb_attack, shift=DOWN))
+
+class BonusAttackScene(Slide):
+
+    def construct(self):
+        title = Text("Bonus attacks").move_to(3*UP)
+        attacks = BulletedList(
+            "Private key can be recovered with any amount of nonce leakage (in some cases even less than one bit is enough)",
+            "LadderLeak: Breaking ECDSA with Less than One Bit of Nonce Leakage - https://www.youtube.com/watch?v=Nk1uqe8Z7k4",
+            "Polynonce attack - pretty novel - nonces generated by LCG-s can be broken",
+            "https://research.kudelskisecurity.com/2023/03/06/polynonce-a-tale-of-a-novel-ecdsa-attack-and-bitcoin-tears/"
+        ).scale(0.7).set_color(YELLOW)
+
+        self.play(Write(title), LaggedStartMap(FadeIn, attacks, shift=0.5 * DOWN, lag_ratio=0.1))