According to security evaluators, the Independent Security Evaluation Agency (ISE) recently released a new study called Ethercombing, which focuses on the security of the Ethereum wallet private key.
ISE found that there are currently 732 private keys on the Ethereum blockchain because of the low randomness and the risk of theft. In addition, since last year, a hacker group called “Blockchainbandit” has used the low-security private key to carry out the money-carrying activities, which reached 37,926 ETHs (then worth $54 million). To this day, the organization has not stopped.
Private key randomness is not high
The generation of the Ethereum public key and address depends on the private key. With the private key, the public key and address can be generated, and the Ether (ETH) on the corresponding address can be used.
The private key is essentially a random number, an array of 32 bytes, 1 byte equals 8 bits of binary, and a binary has only two values: 0 or 1. So the total number of private keys is nearly 2^(8*32)=2^256, and the probability of cracking the private key is 1/2^256.
ISE researcher Adrian Bednarek said that although there is theoretically a probability, it is impossible to force the private key to be cracked. Even if we use computing resources that allow us to generate 100 trillion keys per second, it takes about a few years. In fact, we don’t have such computing resources at all.
However, ISE found in the experiment that due to some errors in the code of the wallet software that generates the private key, the generated private key is not random and easily hacked by the computer (enumerating all possibilities).
For example, ISE says that a 256-bit private key should be:
Due to a problem with the code, the integrity of the private key is truncated to 32 bits on output, resulting in the following:
For computers, cracking a 32-bit private key is much harder than cracking a 256-bit private key.
In addition to wallet coding errors, memory reference problems, memory corruption, random device errors, random seed reuse, object obfuscation, stack corruption, input obfuscation, entropy errors, heap corruption, or unchecked precompiled encoding errors may result in insufficient private keys. , security is reduced.
ISE researchers found in the experiment that there are currently 732 private keys on the Ethereum blockchain that are not random and risky. The current private keys are still active and associated with 49,060 transactions on the chain.
To test the low-security private key found, the ISE researcher transferred an ETH worth $1 to one of the addresses, and the token was transferred a few seconds later.
ISE traced that Token eventually flowed to a hacker organization wallet called “Blockchainbandit.” The organization began stealing some of the less secure private keys from January 2018, with a balance of 37,926 ETHs at the peak, valued at $54 million. To this day, the organization has not stopped.
Ethereum itself has no problem
If there is a problem with the private key, does it mean that there is a loophole in the technology of the Ethereum blockchain itself? Ethereum researcher Hu Jingyu told the Odaily Planet Daily that the current low-security private key, mainly the issue of wallets, has nothing to do with Ethereum itself. Ethereum core developer Chen Yiwu also believes that Ethereum’s own algorithm is no problem.
Chen Yiwu added that in addition to random numbers, the K value used in the signature process will also affect the security of the private key. “A secret K value is used in the process of generating a signature. Currently, both BTC and ETH use RFC6979 to generate this value. This K value must be random and unique. However, some programmers who are not familiar with cryptographic algorithm programming are likely to ignore it. These details lead to the leakage of the private key.”
At the end of the report, ISE also gave advice to developers and users:
- Generate random numbers using well-known libraries or modules of specific platforms;
- Use a cryptographically secure pseudo-random number generator;
- Audit source code and generated compiled code to verify that randomly generated keys are not truncated;
- Use multiple entropy sources;
- Use NIST-compatible hardware random number generation instructions (RDRAND / RDSEED) provided by AMD / Intel*
- View NIST / FIPS Guide on Encrypted Random Number Generation
- Review and use the NIST Statistical Test Suite (NIST SP 800-22)
For users who use wallets:
- Do not use untrusted software that may acquire a private key;
- The private key should be completely random, so use a trusted software and hardware wallet to generate the private key;
- Do not generate a private key based on a password, as it is easier to crack.
Previously, the private key was always considered unbreakable, but from the current situation, the strong fortress first collapsed from the inside.
In addition, according to Arvind Krishna, head of the IBM Research Center, quantum computers can crack encrypted sensitive data protected by today’s most powerful security technologies, including private keys.
Source: Qin Xiaofeng | Mars Finance