Bitcoin Forum
September 23, 2018, 01:59:12 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [2015-08-13] CD: New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets  (Read 504 times)
Grand_Voyageur
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250


https://dadice.com | Click my signature to join!


View Profile WWW
August 13, 2015, 06:16:12 PM
 #1

New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

Quote
A white-hat hacker has released a new tool designed to illustrate the ease with which illicit actors can steal bitcoins from brainwallets, a type of bitcoin wallet iteration where passwords are not stored digitally – but in the memory of the user.

Originally conceived as a way to keep sensitive wallet data offline and make bitcoin addresses easier to remember, the brainwallet was partly undone due to how it interacts with the bitcoin blockchain. A brainwallet uses a single, long password or phrase, converts it to a private key, a public key and finally an address. Using an offline attack, it's possible to rapidly guess potential passwords to see if they're correct.

New research by Ryan Castellucci, a security researcher at digital fraud firm White Ops, indicates there is as major flaw in this method. He highlights that the final bitcoin address is recorded in the blockchain as a password hash. When used for website authentication, password hashes help determine whether the word or phrase supplied is correct, meaning this data can be used as a reference to bad actors looking for the password.

Full story: http://www.coindesk.com/new-cracking-tool-exposes-major-flaw-in-bitcoin-brainwallets/

███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
█   ⚂⚄⚀⚃⚅⚁    ██  d a d i c e  ██    Next Generation Dice Game
• Low 1% house edge. • Provably Fair.  
███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
1537667952
Hero Member
*
Offline Offline

Posts: 1537667952

View Profile Personal Message (Offline)

Ignore
1537667952
Reply with quote  #2

1537667952
Report to moderator
Make a difference with your Ether.
Donate Ether for the greater good.
SPRING.WETRUST.IO
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537667952
Hero Member
*
Offline Offline

Posts: 1537667952

View Profile Personal Message (Offline)

Ignore
1537667952
Reply with quote  #2

1537667952
Report to moderator
1537667952
Hero Member
*
Offline Offline

Posts: 1537667952

View Profile Personal Message (Offline)

Ignore
1537667952
Reply with quote  #2

1537667952
Report to moderator
1537667952
Hero Member
*
Offline Offline

Posts: 1537667952

View Profile Personal Message (Offline)

Ignore
1537667952
Reply with quote  #2

1537667952
Report to moderator
Sandra89
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
April 22, 2018, 11:52:45 AM
 #2

New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

Quote
A white-hat hacker has released a new tool designed to illustrate the ease with which illicit actors can steal bitcoins from brainwallets, a type of bitcoin wallet iteration where passwords are not stored digitally – but in the memory of the user.

Originally conceived as a way to keep sensitive wallet data offline and make bitcoin addresses easier to remember, the brainwallet was partly undone due to how it interacts with the bitcoin blockchain. A brainwallet uses a single, long password or phrase, converts it to a private key, a public key and finally an address. Using an offline attack, it's possible to rapidly guess potential passwords to see if they're correct.

New research by Ryan Castellucci, a security researcher at digital fraud firm White Ops, indicates there is as major flaw in this method. He highlights that the final bitcoin address is recorded in the blockchain as a password hash. When used for website authentication, password hashes help determine whether the word or phrase supplied is correct, meaning this data can be used as a reference to bad actors looking for the password.

Full story: http://www.coindesk.com/new-cracking-tool-exposes-major-flaw-in-bitcoin-brainwallets/

Кoгдa выpacтит бтк дo $20к ?
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!