Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: joecooin on April 25, 2014, 08:52:14 AM



Title: Vulnerabilities in ECDSA
Post by: joecooin on April 25, 2014, 08:52:14 AM
Here may be the explanation for some of these cases of "My Bitcoins have disappeared from my XXX-Wallet" for which no explanation has been found so far.

And maybe some devs want to analyse the claims made in this paper before it hits the media as I can already imagine the headlines it will create.

Quote
ECDSA, like DSA, has the property that poor randomness used
during signature generation can compromise the long-term signing key. We found several cases
of poor signature randomness used in Bitcoin, which can allow (and has allowed) attackers to
steal money from these clients.

From:
http://eprint.iacr.org/2013/734.pdf

Joe
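
Poor signature randomness of the kind the quoted paper describes commonly shows up as a repeated nonce, which leaves two different signatures from the same key sharing one r value. The following is an added example, not from the thread or the paper, of auditing a set of your own signatures for that symptom; the record layout, function names and sample values are assumptions constructed for illustration.

```python
from collections import defaultdict

# Order of secp256k1 (Bitcoin's curve); (r, s) and (r, N - s) are the same signature.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def parse_der_sig(sig):
    """Return (r, s) from a DER ECDSA signature (short-form lengths only)."""
    if len(sig) < 8 or sig[0] != 0x30 or sig[1] >= 0x80:
        raise ValueError("not a short-form DER SEQUENCE")
    end = 2 + sig[1]
    # Bitcoin appends one sighash-type byte after the DER body; allow it.
    if len(sig) not in (end, end + 1):
        raise ValueError("length mismatch")
    pos, ints = 2, []
    for _ in range(2):
        if pos + 2 > end or sig[pos] != 0x02:
            raise ValueError("expected INTEGER")
        n = sig[pos + 1]
        if n == 0 or n >= 0x80 or pos + 2 + n > end:
            raise ValueError("bad INTEGER length")
        ints.append(int.from_bytes(sig[pos + 2:pos + 2 + n], "big"))
        pos += 2 + n
    if pos != end:
        raise ValueError("trailing data inside SEQUENCE")
    return ints[0], ints[1]

def find_reused_r(records):
    """records: iterable of (pubkey, txid, sig_bytes).
    Returns {(pubkey, r): [txid, ...]} where one key used r with distinct s values."""
    seen = defaultdict(dict)                   # (pubkey, r) -> {low_s: first txid}
    for pub, txid, sig in records:
        r, s = parse_der_sig(sig)
        seen[(pub, r)].setdefault(min(s, N - s), txid)  # fold malleated twins
    return {k: sorted(v.values()) for k, v in seen.items() if len(v) > 1}

def _der(r, s):
    """Encoder used only to build the constructed samples below."""
    body = b""
    for v in (r, s):
        b = v.to_bytes((v.bit_length() + 8) // 8, "big")  # leading 0x00 keeps it positive
        body += bytes([0x02, len(b)]) + b
    return bytes([0x30, len(body)]) + body

R = 0x8F3A5C  # constructed value, not a real signature component
SAMPLE = [    # constructed records: (pubkey label, txid label, signature bytes)
    ("pubkey-A", "tx1", _der(R, 0x1111)),
    ("pubkey-A", "tx2", _der(R, 0x2222) + b"\x01"),   # same r, different s: flagged
    ("pubkey-A", "tx3", _der(0x1234, 0x3333)),
    ("pubkey-B", "tx4", _der(R, 0x4444)),
    ("pubkey-B", "tx5", _der(R, N - 0x4444)),         # malleated copy of tx4: ignored
]
```

Any key that `find_reused_r` reports should be treated as compromised and its funds moved to a key generated on a system with a working random number generator.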






Title: Re: Vulnerabilities in ECDSA
Post by: deepceleron on April 25, 2014, 08:59:46 AM
Not news. Bitcoins have been stolen, but from completely broken random generators, and by people making their own private key with stupid algorithms.

Here's a thread with lots of conversation for you to read:
https://bitcointalk.org/index.php?topic=419259.0


Title: Re: Vulnerabilities in ECDSA
Post by: Pente on April 25, 2014, 09:11:18 AM
If you are really worried about it, keep the majority of your coins in address(es) that has never been used before to send coins.


Title: Re: Vulnerabilities in ECDSA
Post by: bitcatch on April 25, 2014, 09:16:38 AM
Quote
If you are really worried about it, keep the majority of your coins in address(es) that has never been used before to send coins.

That doesn't help if your priv key was generated with a poor random number generator. The vulnerability isn't in ECDSA, it's in some random number generators.


Title: Re: Vulnerabilities in ECDSA
Post by: deepceleron on April 25, 2014, 09:48:09 AM
You will read that even with the stupidest random number generator (https://bitcoin.org/en/alert/2013-08-11-android), address reuse was required due to the dual-layer protection of both ECDSA and RIPEMD160 and SHA256 hashes. It appears you are here to troll rather than to learn though.


Title: Re: Vulnerabilities in ECDSA
Post by: bitcatch on April 25, 2014, 07:21:33 PM
Quote
You will read that even with the stupidest random number generator (https://bitcoin.org/en/alert/2013-08-11-android), address reuse was required due to the dual-layer protection of both ECDSA and RIPEMD160 and SHA256 hashes. It appears you are here to troll rather than to learn though.

Hashing of the public key can't protect you if somebody accidentally generates one of your priv/pub keypairs due to poor randomness.
Avoiding address reuse protects you against potential vulnerabilities in ECDSA, but it can't protect you if somebody just finds one of your privkeys.


Title: Re: Vulnerabilities in ECDSA
Post by: odolvlobo on April 25, 2014, 11:38:18 PM
Quote
Here may be the explanation for some of these cases of "My Bitcoins have disappeared from my XXX-Wallet" for which no explanation has been found so far.
And maybe some devs want to analyse the claims made in this paper before it hits the media as I can already imagine the headlines it will create.
Quote
ECDSA, like DSA, has the property that poor randomness used
during signature generation can compromise the long-term signing key. We found several cases
of poor signature randomness used in Bitcoin, which can allow (and has allowed) attackers to
steal money from these clients.
From:
http://eprint.iacr.org/2013/734.pdf
Joe

The flaw discussed in the paper was found and fixed many months ago. It was a flaw in the Android operating system and not in ECDSA, the Bitcoin protocol or any Bitcoin software.


Title: Re: Vulnerabilities in ECDSA
Post by: p2pbucks on April 26, 2014, 12:06:07 AM
Use a unique btc address, problem solved ;D