%% You should probably cite draft-irtf-cfrg-det-sigs-with-noise-05 instead of this revision.
@techreport{irtf-cfrg-det-sigs-with-noise-02,
    number =    {draft-irtf-cfrg-det-sigs-with-noise-02},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-irtf-cfrg-det-sigs-with-noise/02/},
    author =    {John Preuß Mattsson and Erik Thormarker and Sini Ruohomaa},
    title =     {{Hedged ECDSA and EdDSA Signatures}},
    pagetotal = 16,
    year =      ,
    month =     ,
    day =       ,
    abstract =  {Deterministic elliptic-curve signatures such as deterministic ECDSA and EdDSA have gained popularity over randomized ECDSA as their security does not depend on a source of high-quality randomness. Recent research, however, has found that implementations of these signature algorithms may be vulnerable to certain side-channel and fault injection attacks due to their deterministic nature. One countermeasure to such attacks is hedged signatures where the calculation of the per-message secret number includes both fresh randomness and the message. This document updates RFC 6979 and RFC 8032 to recommend constructions with additional randomness for deployments where side-channel attacks and fault injection attacks are a concern. The updates are invisible to the validator of the signature and compatible with existing ECDSA and EdDSA validators.},
}