Researchers crack online encryption system - Bitcoin affected?

[tosaki]

http://www.computerworld.com/s/article/9224265/Researchers_crack_online_encryption_system?taxonomyId=85

Is Bitcoin affected?

[1714142825]

1714142825

[1714142825]

1714142825

[BurtW]

First thing:

The researchers studied 6.6 million public keys generated using the RSA algorithm, and found that 12,720 were not secure at all and 27,000 others were vulnerable.

Bitcoin does not use RSA it uses Eliptical Curve Cryptography (ECC).

Second thing:

the problem had to do with the manner in which the keys were generated

not the underlying cryptographic system.

[theymos]

The paper is mostly about potentially worrying trends in RSA, which Bitcoin doesn't use.

Summary of the paper: We gathered several million TLS/PGP certificates in the wild. A surprisingly large percentage of RSA keys and maybe a few DSA keys were generated in such a way that they share certain properties with other keys which are never supposed to be shared, making encryption using the affected keys weak or totally useless. We're not sure why this happened.

[hashman]

*affected.

The paper:
eprint.iacr.org/2012/064.pdf

With their extensive collection of millions of keys they only found 1 ECDSA public key.

Can anybody think of somewhere they could look to find a few more ECDSA public keys?

[BurtW]

 

[Vandroiy]

Read: business dudes can't do crypto. Tell me something new. *yawns*

In fact, this is a fairly good result. I know someone who's good at crypto, and boy, he discovers flaws everywhere, all the time, mostly by accident. He didn't have much to complain about concerning Bitcoin, so I guess it's safe enough for now. Only thing I could complain about is the standard client being written in C++, a language in which unsafe context is the standard paradigm.

But that's not an issue of the Bitcoin protocol. Alternative clients will hopefully pop up as Bitcoin evolves, which would be desirable for many reasons anyway... nice! I just found BitcoinSharp, a .NET/Mono compatible port of BitcoinJ. Hell yeah, I might even make my own "lite" client version with this.

Bottom line: Bitcoin protocol seems secure, and Bitcoin infrastructure is evolving as we speak. Stay careful for now, but the long-term outlook is good!

[tosaki]

My technical knowledge/english was not good enough to understand the details.. thank you guys.

[Proofer]

... C++, a language in which unsafe context is the standard paradigm.

What are some languages for which a safe context is the standard paradigm and which could be used to generate both Windows and *nix targets?

[check_status]

What are some languages for which a safe context is the standard paradigm and which could be used to generate both Windows and *nix targets?

Assembly

[Gavin Andresen]

This doesn't affect Bitcoin at all, because the ECDSA algorithm that Bitcoin uses does not use pairs of prime numbers to do it's thing.

[DiThi]

The only vulnerability known to ECDSA are timing attacks (measuring how long it takes to generate a key). Bitcoin does not suffer of this because it always generates a pool of keys instead of a single one and there's no way of knowing how long it took (at least with the implementations I've seen).