Bitcoin Forum
December 11, 2016, 06:33:03 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Attack on/with Sign Message feature in bitcoin-qt?  (Read 1253 times)
Andreas Schildbach
Hero Member
*****
Offline Offline

Activity: 563



View Profile WWW
July 10, 2012, 03:12:05 PM
 #1

Bitcoin-qt offers a "sign message" dialog. It contains the warning

"Be careful not to sign anything vague, as philishing attacks may try to trick you into signing your identity over to them."

Can anyone give an example how such an attack would look like? I currently don't understand why this feature is present in bitcoin-qt (sending messages is something I use eMail or Jabber for) and also which attacks are possible because of this feature.

Bitcoin Wallet for Android: Your own Bitcoins, in your own pocket!
https://play.google.com/store/apps/details?id=de.schildbach.wallet
1481437983
Hero Member
*
Offline Offline

Posts: 1481437983

View Profile Personal Message (Offline)

Ignore
1481437983
Reply with quote  #2

1481437983
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
nimda
Hero Member
*****
Offline Offline

Activity: 784


0xFB0D8D1534241423


View Profile
July 10, 2012, 04:01:08 PM
 #2

currently don't understand why this feature is present in bitcoin-qt (sending messages is something I use eMail or Jabber for) and also which attacks are possible because of this feature.
Bitcoin relies on public-key cryptography. It makes sense for the client to offer a way to prove address ownership.

I recommend asking me for a signature from my GPG key before doing a trade. I will NEVER deny such a request.
drakahn
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 10, 2012, 04:10:32 PM
 #3

Bitcoin-qt offers a "sign message" dialog. It contains the warning

"Be careful not to sign anything vague, as philishing attacks may try to trick you into signing your identity over to them."

Can anyone give an example how such an attack would look like? I currently don't understand why this feature is present in bitcoin-qt (sending messages is something I use eMail or Jabber for) and also which attacks are possible because of this feature.


type of attack : you sign a vague message like "This is 100% me" for "PERSON A" and now "PERSON A" can just copy that message and post it claiming to own your address, so something less vague like "I am Goonie [some other details] and i own the address [address]" ... so its only useful to the person said details fits to

14ga8dJ6NGpiwQkNTXg7KzwozasfaXNfEU
Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 1890



View Profile WWW
July 10, 2012, 04:16:47 PM
 #4

I currently don't understand why this feature is present in bitcoin-qt (sending messages is something I use eMail or Jabber for)
The feature is there to allow people to prove that they are the owners of a specific address.

Can anyone give an example how such an attack would look like?
An attack would essentially require the combination of
1. A negligent service provider, C, requesting signing a random code to prove ownership.
2. A negligent customer, A, willing to sign arbitrary data.
3. An attacker, B, in a position to convince A to sign a message. The attack will allow him to usurp A.

The attack goes more or less like this:
B to C: Hi, I just sent you payment from address X, I want a pink pony.
C to B: Sure, but first you need to prove that you own address X. Please sign the following - "fkj32yf7834hfzjkh".
B to A: Can you please sign this for me? "fkj32yf7834hfzjkh"
A to B: Here you go - "xnjkxyh3789dfy2389fhk"
B to C: The signature is "xnjkxyh3789dfy2389fhk".
C to B: Thanks, pony sent!

How the attack would be thwarted:
B to C: Hi, I just sent you payment from address X, I want a pink pony.
C to B: Sure, but first you need to prove that you own address X. Please sign the following - "I want C to send me a pink pony".
B to A: Can you please sign this for me? "I want C to send me a pink pony"
A to B: Wait, what? I don't want a pink pony.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!