‘Blockchain Bandit’: How a Hacker Has Been Stealing Millions Worth of ETH by Guessing Weak …

Earlier this week, United States-based security consulting firm Independent Security Evaluators (ISE) published a report on private keys for the Ethereum blockchain.

Besides identifying around 700 weak private keys that are in regular use by multiple people, the researchers found a “blockchain bandit” who has collected almost 45,000 ether (ETH) by guessing those frail private keys. Cointelegraph interviewed Adrian Bednarek, a senior security analyst at ISE, to find out more about what they describe as “ethercombing.”

Research background and chief findings

Bednarek says he discovered the hacker by accident. At the time, he was doing research for a corporate client that planned to implement their own wallet with an integrated key generating algorithm.

“As a security analyst, before you start any assessment, you have to understand the underlying technologies very clearly — basically as if you’re creating them yourself,” he told Cointelegraph.

“Private key generation was one of the components we had to research, and I was going through the basics of what is a private key on Ethereum: How large is it? How is it generated? And how is it used to derive the public key and public address?”

On Ethereum, Bitcoin (BTC) and every other major blockchain that signs with ECDSA (the Elliptic Curve Digital Signature Algorithm) on the secp256k1 curve, a private key is a 256-bit integer. Brute forcing a key chosen uniformly from that space is computationally infeasible, so during their research ISE restricted the search to eight 32-bit “sub-regions”: windows of the 256-bit key in which only 32 bits are non-zero, the shape a key takes when faulty code or a broken random number generator fills only a few bytes of it.

Those eight sub-regions hold about 34 billion candidate keys in total (eight windows of 2^32 each), all of which ISE scanned. “It took an entire day,” Bednarek says.

It is worth stressing that such keys are the product of faulty code and faulty random number generators; the researchers were specifically targeting suboptimal keys, not attacking properly generated ones.

“Private key is your user ID and your password at the same time,” the security analyst explained while breaking down the basic mechanics. “It’s different than your banking login, where you have your username and a password […] Therefore, when two individual people use the same password for creating a Brainwallet [i.e., wallets that entail passphrases as part of generating private keys] — like ‘password123’ — they will both own the same exact wallet.” As Bednarek puts it, “it’s like linking two people to the same bank account.”

Initially, the ISE specialist found that the private key of “1” *, which was picked because it is the lower bound of a possible private key, was actually being used on the blockchain. Furthermore, it had been involved in several thousand transactions.

* 0x0000000000000000000000000000000000000000000000000000000000000001 when written out as a full 256-bit (64 hex digit) value.

“That was a red flag,” Bednarek recalled. “Why are people using the private key of 1? That shouldn’t be possible.” His team scanned more keys to see how widespread the problem was. While the ISE researchers established that the issue is not widespread, they found as many as 732 weak private keys associated with a total of 49,060 transactions.

“Roughly, there’s about 50 million keys that have been used on [the] Ethereum [blockchain], and we’ve only discovered 732 of those.”
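As an added example (not code from ISE or from this article), the following Python audit flags a private key that shows the two weak patterns described above: all of its set bits inside one of the eight 32-bit sub-regions, or a key derived from a guessable brainwallet passphrase. It assumes the classic brainwallet convention key = SHA-256(passphrase); the passphrase list is a constructed sample, and the range check against the secp256k1 group order n is the standard validity check for any key.

```python
"""Flag private keys matching the weak-key patterns from the ISE research:
(1) all set bits inside one 32-bit sub-region of the 256-bit space,
(2) a key outside the valid secp256k1 range, or
(3) a brainwallet key, assumed here to be SHA-256(passphrase), for a guessable phrase."""
import hashlib

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 group order
WINDOW = 32             # width of each sub-region in bits
WINDOWS = 256 // WINDOW  # eight sub-regions across the 256-bit key


def parse_key(hex_key):
    """Accept '0x'-prefixed or bare hex, as wallets export it."""
    hex_key = hex_key.strip().lower()
    if hex_key.startswith("0x"):
        hex_key = hex_key[2:]
    return int(hex_key, 16)


def subregion_of(key):
    """Index 0..7 of the 32-bit window that holds every set bit of key, else None.
    Window 0 is the low 32 bits, so the private key 1 lands in window 0."""
    for i in range(WINDOWS):
        mask = ((1 << WINDOW) - 1) << (WINDOW * i)
        if (key & ~mask) == 0:
            return i
    return None


def brainwallet_key(passphrase):
    """Classic brainwallet derivation (assumption: SHA-256 of the UTF-8 passphrase)."""
    return int.from_bytes(hashlib.sha256(passphrase.encode()).digest(), "big")


# Constructed sample of guessable passphrases; a real audit would load a large wordlist.
COMMON_PHRASES = ["", "password", "password123", "abc123", "correct horse battery staple"]
BRAINWALLET_KEYS = {brainwallet_key(p): p for p in COMMON_PHRASES}


def audit_key(hex_key):
    """Return a human-readable reason the key is weak, or None if no pattern matched."""
    key = parse_key(hex_key)
    if not 0 < key < N:
        return "outside the valid secp256k1 range [1, n-1]"
    region = subregion_of(key)
    if region is not None:
        return f"all set bits inside 32-bit sub-region {region} (2^32 candidates)"
    if key in BRAINWALLET_KEYS:
        return f"brainwallet key for passphrase {BRAINWALLET_KEYS[key]!r}"
    return None


if __name__ == "__main__":
    for k in ("0x" + "0" * 63 + "1", hex(brainwallet_key("password123")), hex(1 << 160)):
        print(k[:18] + "...", "->", audit_key(k))
```

Run it over exported keys before funding them; a hit in any category means the key is enumerable by anyone running the same scan ISE did.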

The blockchain bandit

As mentioned above, during their research the ISE team noticed that some of the wallets behind the weak private keys their scan had uncovered showed a lot of transactions going to one specific address, and no money coming back out. As Bednarek said in an explanatory video posted on the ISE website:

“There was a guy who had an address who was going around and siphoning money from some of the keys we had access to. We found 735 private keys, he happened to take money from 12 of those keys we also had access to. It’s statistically improbable he would guess those keys by chance, so he was probably doing the same thing. […] He was basically stealing funds as soon as they came into people’s wallets.”

In a conversation with Cointelegraph, Bednarek explained that the hacker (or group of hackers) had set up a node to automatically sweep funds from addresses with weak keys. To verify that, the researchers used a honeypot: they sent about a dollar’s worth of ETH to an address whose weak private key they knew the hacker also possessed, to see how fast it would be taken. The money was gone in a matter of seconds, the ISE employee said:

“If it was a manual thing, maybe it would have been taken within a day or whatever. But as soon as we sent it we went on the blockchain explorer, we saw that there was a transfer going out immediately, within seconds. So basically what he [the hacker] has is a blockchain node that is part of the transaction network set up somewhere. As soon as it sees transactions come in with a private key of which he has knowledge of, it immediately sends a request to transfer the money out.”

As per the data obtained from Etherscan, the hacker’s wallet contains around 45,000 ETH (worth more than $7.3 million, as of the time of writing). At the height of ether’s value, it is estimated that the bandit’s loot could have been sold for more than $50 million.

According to the comment section for the fraudster’s wallet address, it had been stealing funds for several years. One of the comments, purportedly submitted by major ETH wallet provider MyEtherWallet (MEW) features a link to a 2016 Reddit thread titled “Ethereum nodes with insecure RPC settings are actively exploited.” In it, a redditor described setting up an Ethereum node “with its HTTP RPC API exposed to the internet” and getting attacked within a few minutes after going live.

“If you google the [hacker’s] address there’s a lot of people complaining about him,” Bednarek confirms, admitting that the fraudster’s tactics have proven to be quite successful:

“This guy has taken a multi-prong approach to stealing money.”

The security analyst then described the fraudster’s method in greater detail: “One — he is looking at bad private keys. Two — he is looking at weak passphrase-based wallets and misconfigured RPCs. You are not really supposed to expose the RPC of your Ethereum node but sometimes people do, and if you don’t have the password set somebody can basically empty out the default wallet associated with your node.”

But such asset-grabbing is not a problem that is exclusive to the Ethereum blockchain, the ISE security researcher warns. “It [the blockchain] is working as intended, it’s just the way people are using it,” he said, describing an ethics-related problem his team faced while doing their research:

“Before we started on this [the research], we had an ethical dilemma — what if we find the wallet with a key that has a million dollars in it? Do we just leave it there? But if we leave it there, we know it’s behind a bad private key and it is likely to get stolen, therefore we would be somewhat responsible for this money getting stolen because we could have notified somebody. But then the second problem is who do we notify? There is no easy way to identify the owner of a private key. Maybe we could take the money temporarily until somebody could prove that it was theirs? But then it creates a lot of legal issues. So the CEO of the company [that they were doing the research for] contacted the IFS for legal advice and they basically said: ‘if you find anything, leave it there. Don’t do any transfers. That way you won’t get yourself into any legal hot water.’”

Security advice and further research

In sum, according to Bednarek, private keys turn out to be weak for two main reasons. The first is coding errors in the software that generates them. The second is that some owners derive their keys from weak passphrases such as “abc123,” or even from an empty one, so that everyone choosing the same passphrase ends up with the identical private key.

For instance, the ISE report found that one of the most heavily used weak private keys is the one the Parity wallet generated from an empty passphrase, i.e. “”. There have reportedly been 8,772 transactions on this address, with a total of 5,215,586 ETH transferred.

“For a while Parity let you use a default password of nothing and it would generate the private key based on that,” Bednarek explains, adding that the wallet developer allegedly fixed the issue at some point. “I think they have introduced a minimum password requirement [since then]. It might be just a single character, but you can’t use blank passwords on Parity right now if you’re using the latest version of their software.”

No wallet creators have contacted the ISE yet, according to Bednarek:

“That is an interesting issue because it’s hard to say which wallet was responsible, if there was a wallet at all — it could be just people entering the wrong private keys, it could be early debug versions of wallets, it could be developers themselves. It’s a bit hard to say why this exists and which wallet is at fault. It’s something I don’t think we’ll ever know.”

Bednarek’s main advice for those who are not computer-savvy is to use well-known and trusted wallets, possibly moving to hardware or paper-based wallets if large amounts of cryptocurrency are involved. He said:

“If there’s going to be trading or holding of a lot of currency then use a hardware wallet where the private key will never be revealed. A lot of my friends that are long term holders use paper wallets where they generate a random key and store it on paper so it never touches the computer at all.”

Nevertheless, there’s always some risk involved even when it comes to popular software, Bednarek warned, bringing up the example of the Iota wallet being compromised by a developer from Oxford who was arrested and accused of stealing around 10 million euros last month.

The Iota wallet is open source, so its code is publicly posted on GitHub. At some point, the fraudster modified the random number generator by submitting a change to the code.

“That was done in a very obfuscated way,” Bednarek said. “Even though lots of people could review the code,” they just assumed it should work, according to him.

That way, the hacker was able to see how private keys were generated and reproduce them using his injected code, the ISE specialist explained.

“After lots of people lost lots of money, somebody finally reversed-engineered his modifications to the random number generator and they were able to see that he was creating sequential numbers within the specific range of the key space.”

As for the future, the ISE plans to continue monitoring blockchains and weak private keys at a larger scale. “We will move our scanning method to use GPUs where we will be able to scan 38 billion keys within a matter of seconds,” Bednarek told Cointelegraph.

“As we make the scanning more efficient, we’ll be able to do some crazy things like go after brainwallets or other key generation algorithms that might be faulty. So we’ll expand into different areas to identify more keys.”

Moreover, the security research group is going to publish more information — including faulty public keys — for people to do their own research and stay warned of possible security breaches. “Maybe this will turn into a collaborative effort to help finding some of the causes for this,” Bednarek suggested.


Unpacking Schnorr Signatures: Blockstream’s MuSig to Improve Bitcoin Transactions?

Following the launch of working code last month, blockchain technology firm Blockstream hopes to successfully develop a new multisignature standard for Bitcoin transactions in the future.

Alongside this, Blockstream also released its latest version of its Bitcoin scaling software c-lightning at the beginning of March, marking a busy period for the highly regarded development house.

Upgrades to the Bitcoin protocol

Historically, potential upgrades to the Bitcoin protocol (BTC) have been a big point of contention since its inception back in 2009.

Satoshi Nakamoto’s original Bitcoin white paper is treated as something of a sacred text, and any change to the way the technology works has been met with skepticism and opposition.

Nevertheless, the Bitcoin protocol has had its fair share of teething problems over the years, as a massive increase in the number of users strained the network’s ability to process transactions in a timely and cost-effective way.

Given that there must be consensus for any potential changes to the code, Bitcoin has been improved by implementations like SegWit, which has slowly rolled out over the past two years.

Any changes that aren’t agreed upon by the majority of the community have led to contentious hard forks, which have given birth to the likes of Bitcoin Cash.

Thus, any potential changes to the Bitcoin protocol take an extensive amount of time, research, development and testing before they can be rolled out to the wider community for consideration and implementation.

MuSig

Blockstream’s new Schnorr-based multisignature scheme (MuSig) has been rolled out for public testing and feedback in order to create working, fault-free code in the future.

To the layman, MuSig is an improvement that could help scale Bitcoin’s blockchain by reducing transaction size, which improves performance, while also improving user privacy. The groundwork for this code was laid by Blockstream cryptographers Pieter Wuille and Andrew Poelstra, together with Yannick Seurin and Gregory Maxwell, in a research paper released in 2018.

Just over a year later, Blockstream released working code for testing by the wider cryptocurrency community on GitHub in the hopes that it could eventually be merged into the Bitcoin Core code and other projects.

Schnorr signatures

Digital signatures provide a cryptographic proof that a transaction was authorized by the owner of a particular private key. Most individual Bitcoin users send transactions with one signature that comes from the owner of the private key of the sending address.

Multisignatures provide the same kind of cryptographic proof when there are multiple owners of a wallet. In this case, the various owners need to produce their own individual signatures in order to generate a multisignature that authorizes a transaction.

Schnorr signatures are a signature scheme, named after its inventor Claus Schnorr, whose simple linear structure makes it possible to build multisignatures with a couple of important benefits.

Cointelegraph reached out to Blockstream cryptographer Andrew Poelstra to get a better understanding of the intricacies of the proposed MuSig upgrade. As he explains, the algorithm provides a number of benefits:

“Schnorr multisignatures are one specific type of multisignature which are small (64 bytes regardless of signer set size), which can be verified very efficiently, and which avoid exposing the number of signers to the blockchain.”

The reason why this implementation could have a dramatic effect on how the Bitcoin protocol works is due to the current form of multisignature that is used today.

Once again, Poelstra explains that the current approach, built on the Elliptic Curve Digital Signature Algorithm (ECDSA), is simplistic: every signer produces an individual signature, and all of them are included in the relevant transaction.

“This means that for 2 signers, twice the blockchain space and twice the verification time are needed to process the transaction. If Bitcoin supported Schnorr signatures rather than ECDSA, this would enable several new technologies – most importantly, Schnorr multisignatures.”

For the network of miners that verifies Bitcoin transactions, these Schnorr-based multisignatures are identical to ordinary signatures. This means they are the same size and take the same amount of time to verify, but they are also more private.

According to Poelstra, they don’t reveal the original set of signers, or even provide the number of signers for a multisignature transaction. This should increase the anonymity and privacy of multisignature transactions.

MuSig

Bitcoin currently uses the ECDSA signature algorithm to verify ownership and transfer of BTC on the blockchain. As Blockstream explained in their original announcement, the ECDSA signature has a number of limitations.

The biggest concern is the difficulty of creating multisignatures with ECDSA: its signatures involve a modular inverse of the nonce, so they are not linear in the signers’ keys and nonces and cannot simply be added together.

Blockstream’s main concern with ECDSA and other current multisignature schemes is that they assume signers have control over how and when their keys are generated and that they have reliable, secure memory.

In reality, many Bitcoin users have no control over how their keys are generated or over how third parties handle them. Blockstream’s proposed MuSig scheme hopes to address this in two ways.

Firstly, MuSig creates short, consistently sized signatures that look the same to verifiers, no matter how many signers are involved. This aims for efficiency, by relieving the burden of signer details while maintaining security.

Secondly, MuSig aims to be provably secure in the plain public-key model: signers can produce and combine their contributions without supplying any extra proof of how their keys were generated, which is what stops a participant from choosing a key as a function of the other participants’ keys.

It is noted that this is still an area of difficulty when it comes to Bitcoin key generation due to the variety of key management policies in the ecosystem.
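The following added example (not Blockstream’s code) shows the algebra behind the claims above. It uses Schnorr signatures in a prime-order subgroup of Z_p^*, Schnorr’s original setting, which has the same linear structure as the secp256k1 version used for Bitcoin. It demonstrates an n-of-n aggregate signature that passes the ordinary single-key verifier, the rogue-key attack that breaks naive key aggregation, and the MuSig per-key coefficients a_i = H(L, X_i) that prevent it. Assumptions: a 64-bit safe prime generated at import time (a toy size; real deployments use 256-bit curves), SHA-256 as the challenge hash, and the nonce-commitment round of the real MuSig protocol is left out.

```python
"""Schnorr signatures and n-of-n key aggregation in a prime-order subgroup of Z_p^*.
Shows an aggregate signature the plain verifier accepts, a rogue-key attack on
naive aggregation, and MuSig coefficients blocking it.  Toy 64-bit group, no
nonce-commitment round: demonstration only."""
import hashlib
import secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Deterministic Miller-Rabin with the bases above (exact for n < 3.3e24)."""
    if n < 2:
        return False
    if any(n % b == 0 for b in BASES):
        return n in BASES
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits=64):
    """First safe prime p = 2q + 1 with q above 2^(bits-1); g = 4 generates the order-q subgroup."""
    q = (1 << (bits - 1)) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


P, Q, G = safe_prime_group()


def H(*parts):
    """Challenge / key-aggregation hash, reduced into the exponent group Z_Q."""
    data = b"|".join(str(x).encode() for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def verify(X, msg, sig):
    """Ordinary single-key Schnorr verification: g^s == R * X^e."""
    R, s = sig
    return pow(G, s, P) == R * pow(X, H(R, X, msg), P) % P


def naive_aggregate_key(pubkeys):
    """X = product of X_i.  Verifies, but lets a signer pick X_i relative to the others."""
    X = 1
    for Xi in pubkeys:
        X = X * Xi % P
    return X


def musig_coeffs(pubkeys):
    """MuSig: a_i = H(L, X_i) with L the sorted key list, so a_i depends on X_i itself."""
    L = sorted(pubkeys)
    return {Xi: H(*L, Xi) for Xi in pubkeys}


def musig_aggregate_key(pubkeys):
    a = musig_coeffs(pubkeys)
    X = 1
    for Xi in pubkeys:
        X = X * pow(Xi, a[Xi], P) % P
    return X


def partial_sign(x, k, R_agg, X_agg, msg, coeff=1):
    """One signer's share s_i = k_i + e * a_i * x_i, given the combined nonce R_agg."""
    return (k + H(R_agg, X_agg, msg) * coeff * x) % Q


def cosign(signers, msg, aggregate, coeffs=None):
    """n-of-n session: multiply the nonces, add the partial s values.  The result is
    one (R, s) that verify() checks exactly like a single-signer signature."""
    pubkeys = [X for _, X in signers]
    X_agg = aggregate(pubkeys)
    nonces = [secrets.randbelow(Q - 1) + 1 for _ in signers]
    R_agg = 1
    for k in nonces:
        R_agg = R_agg * pow(G, k, P) % P
    s = 0
    for (x, X), k in zip(signers, nonces):
        s += partial_sign(x, k, R_agg, X_agg, msg, coeffs[X] if coeffs else 1)
    return X_agg, (R_agg, s % Q)


def rogue_key_attack(aggregate, use_coeffs):
    """Attacker publishes X' = g^x_att / X_victim, then signs alone for the 'two-party'
    key.  Returns True if the lone signature verifies under the aggregate key."""
    _, X_victim = keygen()
    x_att = secrets.randbelow(Q - 1) + 1
    X_rogue = pow(G, x_att, P) * pow(X_victim, -1, P) % P
    pubkeys = [X_victim, X_rogue]
    X_agg = aggregate(pubkeys)  # naive product collapses to g^x_att
    k = secrets.randbelow(Q - 1) + 1
    R = pow(G, k, P)
    coeff = musig_coeffs(pubkeys)[X_rogue] if use_coeffs else 1
    s = partial_sign(x_att, k, R, X_agg, b"drain the wallet", coeff)
    return verify(X_agg, b"drain the wallet", (R, s))
```

Because the aggregate key and aggregate nonce are single group elements, verify() neither knows nor cares how many signers were involved, which is the size and privacy property Poelstra describes. With naive aggregation the rogue-key attack succeeds; with the MuSig coefficients the attacker’s key no longer cancels the victim’s, and the lone signature fails.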

Extensive testing needed

While Blockstream hopes to provide a workable solution to improved multisignature transactions, they are under no illusion of the challenges of doing so.

Securing a multisignature is more complicated than the single-signer case: a signer cannot just derive its nonce deterministically by hashing its own key and message, as it would for an ordinary signature, because the other participants’ contributions enter the final signature too.

In particular, a signer that derives its nonce that way could be induced by the other signers to reuse that nonce (a number that must be used only once) across more than one signing attempt with different challenges, which is exactly the condition that leaks a private key.

The current mitigation is a session ID for each signing session, a temporary measure until Blockstream develops a more robust solution.

Replay of messages between the rounds of an interactive signing session also remains a concern for multisignature transactions, given the number of steps involved in producing a signature from multiple participants.

Considering all of this, Poelstra tells Cointelegraph that the security of Schnorr signatures and their use in MuSig is not a concern:

“Schnorr signatures are algebraically simple to reason about, and provably secure under the same cryptographic assumptions that underlie ECDSA. Of course, as with any proposed change to Bitcoin, the introduction of Schnorr signatures would require a substantial amount of testing and review.”

The way forward

Putting a timeline on the testing and potential implementation of MuSig is not a straightforward concept. Given the complexity of ensuring the security and efficacy of multisignature transactions, a working and trustable solution will take a considerable amount of time to produce.

As Poelstra explains, developing and implementing MuSig will require collaboration with the wider Bitcoin community:

“The first step is putting together a concrete, specific proposal, and sending this to the bitcoin-dev mailing list for community review. The review process will likely take many months, during which time the proposal could undergo many changes. In parallel to this, and continuing afterward, code needs to be written, tested and reviewed. The software then needs to be widely deployed before the changes can be activated. It is hard to say how long this entire process will take.”

In the event that the code is approved and implemented by the wider Bitcoin community, it won’t be necessary to undergo any sort of hard fork to implement changes, according to Poelstra:

“The introduction of Segwit in 2017 also introduced a versioning mechanism for changes to Bitcoin Script (such as the introduction of new signature schemes), which allows such upgrades to happen in a softfork. Prior to Segwit it would also have been possible to introduce Schnorr signatures in a softfork, though with more engineering effort to ensure a smooth transition as users update at different times.”

The wider Bitcoin development community is being encouraged to test Blockstream’s code on GitHub in order to facilitate the development of fully usable code in the next few months and years.


Anybody Can Become Satoshi! Developer Group Creates Faketoshi Tool


Ever since bitcoin came into existence, there have been a number of people who have claimed to be its inventor, Satoshi Nakamoto. One of the best known is Craig Wright, the founder of nChain. However, he has not offered substantial proof of the claim.

Recently Wright wrote to Commodity Futures Trading Commission (CFTC) telling them that he was Satoshi Nakamoto. At the time he had said, “My name is Dr. Craig Wright and under the pseudonym of Satoshi Nakamoto I completed a project I started in 1997 that was filed with the Australian government in part under an AusIndustry project registered with the Dept. of Innovation as BlackNet.”


Now a developer group called Albacore has recently launched a faketoshi signature tool which will allow all and sundry to tie a message to the genesis block and claim to be Satoshi Nakamoto. On the official website, a message reads, “Clicking the button below will generate a signature and message hash that will successfully validate against the address that mined the genesis block, which is known to have been mined by Satoshi. Just don’t ask for the plaintext message that generated the hash…(spoiler, we don’t know it either).”

The hoax has put the spotlight on the question of Bitcoin’s creator once again, and on the fact that, for all the hype around blockchains and cryptocurrencies, technical understanding of them remains thin.

The group stated that the chief reason why it created this tool was, “Despite all the interest and hype in blockchains, there is still a serious lack of technical understanding held by the majority of people in the community about the fundamentals that underpin this technology.”

A Medium post by the group attempted to clear up the confusion. In blockchains, the Elliptic Curve Digital Signature Algorithm (ECDSA) is used to spend transaction outputs locked to an address: the spender proves knowledge of the private key for that address without publishing the key for everyone (who would promptly steal the coins) to see.

The fake Satoshi’s Twitter message tried to establish its authenticity through a non-standard ECDSA verification step: it skipped the “hash-then-verify” paradigm and fed the verifier a message hash directly, misleading unsuspecting verifiers about how the signature was constructed.

That is why this person only supplied the hash of a message and not the message itself: they do not know any message that hashes to it. Producing a signature over a message they could reveal would require actually knowing the private key.

While there will be many more fake Satoshis to come, at least people will now know what goes into an impostor’s creation.


This ‘Faketoshi’ Signature Tool Lets Anyone Become Satoshi Nakamoto

Over the years, it’s become popular to claim that you are Satoshi Nakamoto even if you lack a shred of evidence. Although some individuals have tried really hard to prove it, they have always failed to convince the greater community. For instance, a few self-proclaimed inventors of Bitcoin have attempted to generate a signature with a message hash that’s tethered to an early mined block. After a few of these occurrences, a financial transparency startup called Albacore Labs has created a tool that will validate a signature against the genesis block, making it “easier for other people to make similar claims.”


Crypto-Babble About Digital Signatures or Hashing Should Not Be Enough

Many bitcoiners will never forget how Craig Wright tried to prove he was Satoshi Nakamoto back in 2016. It all started when the London Review of Books reporter Andrew O’Hagan spent months with Wright and allegedly saw him sign a message tied to a Satoshi Nakamoto address. There were also a series of blog posts Wright wrote that have since been scrubbed from the internet, and Wright’s interaction with Gavin Andresen in London. Back in the spring of 2016 Wright also appeared in a BBC video claiming to produce a signature tethered to the first bitcoin transaction.

“My name is Craig Wright and I’m about to demonstrate a signing of a message with the public key that is associated with the first transaction ever done on Bitcoin,” the Australian native stated on May 2, 2016. “So you are going to show me that Satoshi Nakamoto is you?” the BBC reporter asked at the time. “Yes,” Wright replied.

Two men who have claimed to be Satoshi Nakamoto but have yet to provide solid evidence: ‘Satoshin,’ left, and Craig Wright.

After the show aired, veteran cryptographers quickly pointed out that the BBC reporters and Andrew O’Hagan were seemingly duped. The long-winded London Review of Books story that describes O’Hagan’s experience hanging out with Wright for months shows O’Hagan had no clue what Wright was actually signing. Moreover, well-known cryptocurrency developers like Pieter Wuille, Christopher Jeffrey and Greg Maxwell showed the public how Wright pulled off his signing parlor trick.


One of the so-called Satoshi PGP keys Wright signed was provably backdated, and other signature attempts have been cited as blatant forgery. Then, last year, a Twitter handle using the name “Satoshi Nakamoto” tried to create the same signing proof with a message tied to block number 9. Finally, Bitcoin Cash (BCH) developer Amaury Séchet recently shared a hash message on Twitter and claimed to be Satoshi. The message was clearly a joke, yet a few cryptocurrency news outlets ran with the story.

Last November a Twitter handle called @Satoshi tried to sway the community with a signed message tethered to block 9.

Now Anyone Can Prove They Are Satoshi By Signing a Message Tied to the Genesis Block

Since the so-called block 9 signing, Albacore, a team that develops tools to improve financial transparency, has released an application that can tie a message to the Bitcoin genesis block so anyone can attempt to “prove they are Satoshi.”

“With everyone seemingly trying to prove they are Satoshi (looking at you Craig Wright and “Faketoshi twitter”), we’ve decided to make it easier for other people to make similar claims,” explains Albacore.

The startup’s Faketoshi website continues:

Clicking the button below will generate a signature and message hash that will successfully validate against the address that mined the genesis block, which is known to have been mined by Satoshi. Just don’t ask for the plaintext message that generated the hash…(spoiler, we don’t know it either).

Albacore’s Faketoshi tool.

A Faketoshi Signing Tool Benefits the Community by Teaching Bitcoiners to Dismiss Fraudulent Behaviour

In a post that describes the tool’s process, Albacore says people claiming to be Satoshi is nothing new, but Craig Wright is the most “recent cult” following. Albacore says this is due to a serious lack of technical understanding within the blockchain and bitcoin ecosystem. “This leads to situations where the merest mention of crypto-esque jargon like digital signatures or hashing is convincing enough,” the startup’s blog post explains. Albacore notes that people can see that the forged messages are clearly faked because the hash of the message is provided without the actual plaintext message.

“The inputs and outputs of the ECDSA signature and verification operations. Note that in both, the input is the plaintext message that is then hashed within the boxes (the ECDSA algorithm),” explains Albacore.

“So why would the scammer provide the hash of a message and not the message itself?” Albacore asks within the essay, before answering its own question: “Because they do not know the message — That would involve them actually knowing the private key and generating a legitimate signature.”

Albacore adds:

Given the one-way nature of cryptographic hashes — The only way to verify this signature is to use a non-standard ECDSA verifier that does not internally hash the message but instead accepts the hash of the message as an input.

Albacore believes the greater community needs to be more vigilant towards pretenders and faked signature attempts.

This week, news.Bitcoin.com reported on another self-proclaimed Satoshi Nakamoto who called Craig Wright a “liar” and stated he could sign a real message in due time. However, just like the slew of other Faketoshis we’ve covered in the past, this one has yet to provide any real proof to the greater crypto community. To some people, these signatures are pretty much meaningless, unless the signer can provide an actual plaintext message or literally move bitcoins that were mined in the early days with a well-known Satoshi address. Even Wright’s open letter saying that he is willing to testify in front of the U.S. Commodity Futures Trading Commission (CFTC) is worthless because none of those regulators understand this technology.

Albacore says tools like the Faketoshi signing application benefit the community as a whole, so they can be more critical towards people attempting blockchain signature parlor tricks and instead “focus on things that advance the space as a whole.”



Image credits: Shutterstock, Twitter, Pixabay, Albacore, Medium, and Bitcoin.com.




Jamie Redman

Jamie Redman is a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open source code, and decentralized applications. Redman has written thousands of articles for news.Bitcoin.com about the disruptive protocols emerging today.


Old Ripple Software’s Libraries Contained Private Key Vulnerability

Reusing an ECDSA nonce makes the signing key easy to compute, as several successful attacks carried out by cryptographers have confirmed.

Ripple, the American startup whose XRP token currently ranks second by market capitalization, published an official announcement stating that versions of its (XRP) software libraries released before August 2015 could leave the private keys used to sign several transactions vulnerable.

The flaw came to light through research by the DFINITY Foundation and a California university. Besides Ripple, some Bitcoin and Ethereum addresses turned out to be vulnerable too.

As cryptographers know, the security of elliptic-curve digital signature algorithms (ECDSA) such as those used by the cryptocurrencies above depends on a fresh, unpredictable random number (the nonce) for every signature. If the same nonce is ever used with one private key to sign two different messages, the two signatures together reveal that key with a few lines of arithmetic. The researchers report that, by finding such repeated nonces, they recovered the keys of hundreds of Bitcoin addresses, several Ethereum addresses, a number of SSH (remote management for Unix-like systems) and HTTPS hosts, and one XRP key. The potential consequences are considerable: for cryptocurrencies, a recovered key lets anyone steal the funds in the linked account; for SSH or HTTPS it lets an attacker impersonate the host.

Nevertheless, the authors of the research believe the problem is fixable. All the attacks discussed can be prevented by deterministic nonce generation (RFC 6979), which is already implemented in the standard Bitcoin and Ethereum libraries.

According to Ripple, deterministic nonce generation has been part of its software since August 2015, so addresses that transact using the updated libraries are protected.

Even though cryptography is still far from perfect, the research notes that centralized systems such as exchanges are attacked more often, and more successfully, than funds protected by private keys. While carrying out the attacks, the researchers were able to access approximately $54 in bitcoin and $14 in ether.
