Windows 用の SSH クライアントソフトである PuTTY について ECDSA 署名に絡んで秘密鍵が漏洩するリスクがあるらしい。 PuTTY vulnerability vuln-p521-bias Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. (PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.) via Pu