What do you guys think of this?
http://www.reddit.com/r/CryptCoin/comments/28e8be/security_analysis_of_cryptcoins_cryptcast_feature/

Security analysis of CryptCoin's CryptCast feature

SUMMARY: CryptCoin with CryptCast probably provides no more security than Bitcoin. CryptCoin users are advised to NOT ASSUME that their transactions will be more "private" (or "secure" in any sense) than regular Bitcoin transactions. Using CryptCoin instead of Bitcoin may in fact reveal more information about parties that are involved in transactions.
1. This document describes some potential security vulnerabilities in CryptCoin's CryptCast feature.
This feature is described in this document:
http://cryptco.org/Cryptcoin-CryptCast-Anonymous-Whitepaper.pdf

2. Simplified example of the CryptCast algorithm:
- Wallet A wants to send coins to Wallet B,
- Wallet A must somehow find the public key of Wallet B (this may be published on website, for example),
- Wallet A sends encrypted message to Wallet B: "I want to send you 10 coins in 3 transactions."
- Wallet B sends back encrypted message to Wallet A: "Ok, send them to ADDRESS1, ADDRESS2 and ADDRESS3."
- Wallet A sends 10 coins to addresses ADDRESS1, ADDRESS2 and ADDRESS3 in three separate transactions.
3. When Wallet A sends coins to Wallet B, these are just regular transactions that are visible in the blockchain. The coins are not even "mixed" with coins from other transactions (the CoinJoin concept).
So these transactions can be easily analysed with the same methods that can be used on the Bitcoin blockchain. In fact it is probably even easier to do this kind of analysis because of the smaller number of users/transactions.
4. When Wallet A wants to send coins to Wallet B, it must know only its public key. With this public key it can request some new addresses from Wallet B.
In this case the third party has no direct access to these newly generated addresses.
However, this is also true when paying with Bitcoins:
- user goes to the merchant's website via HTTPS,
- user clicks the "buy now" button, which generates a new address (in fact, it could generate multiple addresses),
- user uses their wallet to send coins to these newly generated addresses.
So CryptCast does nothing more than what Bitcoin is already doing today.
5. CryptCast's secure transactions are optional.
Secure transactions don't work if the computer of the receiving party is not running a wallet (or is not online, etc.). If the wallet is not running, then nobody can use secure transactions to send coins to this wallet.
However, this makes the system very insecure. If the user of Wallet A uses a secure transaction to send coins to Wallet B, they cannot "force" the user of Wallet B to use a secure transaction when sending coins to Wallet C.
If Wallet B sends coins to Wallet C using nonsecure transactions, this can make blockchain analysis much easier and the party that owns Wallet A can be identified much more easily. In this case the analysis of the blockchain is not "harder" than in the case of Bitcoin.
Nonsecure transactions usually use different "inputs" and send them to one or more outputs. This automatically "proves" that all these inputs belong to the same party (because there is no "mixing" involved at all). This effectively "nullifies" the effect of the secure transaction that was used to send coins from Wallet A to Wallet B.
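As an added illustration (not part of the quoted analysis), here is a small Python sketch of the common-input-ownership heuristic that point 5 relies on, run over constructed sample transactions: the three CryptCast payments look unrelated on their own, but they are linked as soon as Wallet B spends them together in one ordinary transaction. All addresses and transactions below are made-up placeholders.

```python
from collections import defaultdict

# Constructed sample data: Wallet A pays Wallet B via CryptCast in three
# separate transactions, each spending a single unrelated coin.
SAMPLE_TXS = [
    {"inputs": ["A_coin1"], "outputs": ["ADDRESS1"]},  # CryptCast payment 1 of 3
    {"inputs": ["A_coin2"], "outputs": ["ADDRESS2"]},  # CryptCast payment 2 of 3
    {"inputs": ["A_coin3"], "outputs": ["ADDRESS3"]},  # CryptCast payment 3 of 3
]
# Wallet B later pays Wallet C with an ordinary (non-secure) transaction,
# spending all three received outputs together as inputs.
B_SPEND = {"inputs": ["ADDRESS1", "ADDRESS2", "ADDRESS3"], "outputs": ["C_ADDR"]}


def cluster_inputs(txs):
    """Common-input-ownership heuristic: every input address of one transaction
    is assumed to be controlled by the same party. Returns {address: frozenset}
    mapping each input address seen to the cluster it belongs to."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    for tx in txs:
        ins = tx["inputs"]
        for a in ins:
            find(a)  # register every input address, even single ones
        for a in ins[1:]:  # merge all inputs of this tx into one cluster
            ra, rb = find(ins[0]), find(a)
            if ra != rb:
                parent[rb] = ra
    groups = defaultdict(set)
    for a in list(parent):
        groups[find(a)].add(a)
    return {a: frozenset(members) for members in groups.values() for a in members}


def same_party(txs, a, b):
    """True if the heuristic links addresses a and b to one controlling party."""
    clusters = cluster_inputs(txs)
    return a in clusters and b in clusters and clusters[a] == clusters[b]


if __name__ == "__main__":
    print(same_party(SAMPLE_TXS, "ADDRESS1", "ADDRESS3"))              # False
    print(same_party(SAMPLE_TXS + [B_SPEND], "ADDRESS1", "ADDRESS3"))  # True
```

With only Wallet A's three payments on the chain, ADDRESS1..3 never appear as inputs and stay unlinked; B's single non-secure spend merges them, which is the "nullifying" effect described above.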
6. When wallets are online, they respond to requests for secure transactions. This allows an attack which can relate most wallet public keys to their IP addresses.
See this Coindesk article for a short description of an attack on the Bitcoin network:
http://www.coindesk.com/eavesdropping-attack-can-unmask-60-bitcoin-clients/

A similar attack can be used to reveal IP addresses that correspond to the "public keys" of targeted wallets.
Such an attack on the CryptCoin network could be done almost trivially because of the smaller number of nodes and because wallets must be online all the time to be able to accept secure transactions.