Bitcoin Forum
November 20, 2018, 04:49:42 PM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [2015-08-13] CD: New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets  (Read 510 times)
Grand_Voyageur
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250


https://dadice.com | Click my signature to join!


View Profile WWW
August 13, 2015, 06:16:12 PM
 #1

New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

Quote
A white-hat hacker has released a new tool designed to illustrate the ease with which illicit actors can steal bitcoins from brainwallets, a type of bitcoin wallet iteration where passwords are not stored digitally – but in the memory of the user.

Originally conceived as a way to keep sensitive wallet data offline and make bitcoin addresses easier to remember, the brainwallet was partly undone due to how it interacts with the bitcoin blockchain. A brainwallet uses a single, long password or phrase, converts it to a private key, a public key and finally an address. Using an offline attack, it's possible to rapidly guess potential passwords to see if they're correct.

New research by Ryan Castellucci, a security researcher at digital fraud firm White Ops, indicates there is as major flaw in this method. He highlights that the final bitcoin address is recorded in the blockchain as a password hash. When used for website authentication, password hashes help determine whether the word or phrase supplied is correct, meaning this data can be used as a reference to bad actors looking for the password.

Full story: http://www.coindesk.com/new-cracking-tool-exposes-major-flaw-in-bitcoin-brainwallets/

███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
█   ⚂⚄⚀⚃⚅⚁    ██  d a d i c e  ██    Next Generation Dice Game
• Low 1% house edge. • Provably Fair.  
███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
1542732582
Hero Member
*
Offline Offline

Posts: 1542732582

View Profile Personal Message (Offline)

Ignore
1542732582
Reply with quote  #2

1542732582
Report to moderator
1542732582
Hero Member
*
Offline Offline

Posts: 1542732582

View Profile Personal Message (Offline)

Ignore
1542732582
Reply with quote  #2

1542732582
Report to moderator
Unlike traditional banking where clients have only a few account numbers, with Bitcoin people can create an unlimited number of accounts (addresses). This can be used to easily track payments, and it improves anonymity.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Sandra89
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
April 22, 2018, 11:52:45 AM
 #2

New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

Quote
A white-hat hacker has released a new tool designed to illustrate the ease with which illicit actors can steal bitcoins from brainwallets, a type of bitcoin wallet iteration where passwords are not stored digitally – but in the memory of the user.

Originally conceived as a way to keep sensitive wallet data offline and make bitcoin addresses easier to remember, the brainwallet was partly undone due to how it interacts with the bitcoin blockchain. A brainwallet uses a single, long password or phrase, converts it to a private key, a public key and finally an address. Using an offline attack, it's possible to rapidly guess potential passwords to see if they're correct.

New research by Ryan Castellucci, a security researcher at digital fraud firm White Ops, indicates there is as major flaw in this method. He highlights that the final bitcoin address is recorded in the blockchain as a password hash. When used for website authentication, password hashes help determine whether the word or phrase supplied is correct, meaning this data can be used as a reference to bad actors looking for the password.

Full story: http://www.coindesk.com/new-cracking-tool-exposes-major-flaw-in-bitcoin-brainwallets/

Кoгдa выpacтит бтк дo $20к ?
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!