Connect with us

Cryptocurrencies

Researchers Find Vulnerability for Bitcoin, Ethereum, and Ripple Digital Signatures in Faulty Implementations

Published

on

Researchers recently identified vulnerabilities in cryptographic signatures for Bitcoin, Ethereum, and Ripple, that allowed attackers to calculate private keys and, consequently, steal any crypto in that wallet. In total, the researchers calculated hundreds of Bitcoin private keys and dozens of Ethereum, Ripple, SSH, and HTTPS private keys using this unique form of cryptanalytic attack.

In the paper Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies, researchers utilize a method to calculate private keys by analyzing Bitcoin signatures. The researchers were also able to apply these techniques to Ethereum and Ripple.

That said, these vulnerabilities only occur in edge cases where code is not implemented by developers properly, or likely occurred because of faulty multi-signature hardware. The research emphasizes the resiliency of the cryptographic schemes used by cryptocurrencies, as well as highlights the importance of proper implementation.

Background on Research

Whenever crypto holders make a transaction, they are required to create a cryptographic signature using an elliptic curve digital signature algorithm (ECDSA). In this algorithm, the software comes up with an arbitrary number that is used just once for communication—this number is called a nonce.

It is critical that the software signs each transaction with a different nonce, otherwise hackers can (rather easily) find and calculate the signers’ private key. There is even evidence that hackers continuously monitor the blockchain for these kinds of repeated nonces, extracting money from compromised keys.

What’s less well-known is that attackers can calculate keys from signatures that use different, but similar nonces. For example, if nonces have characters that are similar at the beginning of the signature, or if the nonce has characters that are similar at the end of a signature, then some big bad terrible thing will happen.

What the Researchers Say

CryptoSlate contacted both authors of the paper: Dr. Nadia Heninger is an associate professor of computer science at the University of California. Joachim Breitner, is a senior researcher at DFINITY. According to Dr. Heninger, the vulnerability was described as follows:

“The ECDSA digital signature algorithm requires generating a random number for each signature, which is often called a “nonce” (This is different from the nonces used in cryptocurrency mining). If these random values used in the signatures are not generated properly, in some cases, an attacker can compute the private signing keys. The types of nonce vulnerabilities that we exploited were implementations that generated values that were much shorter than they should have been, or values that shared most or least significant bits.”

And, using some advance math called lattices, the two were able to crack some of these wallet addresses and find the private keys:

“For the nerds in the audience, lattice algorithms allow us to find small solutions to underconstrained systems of linear equations. There are a number of crypotanalytic techniques that use lattice algorithms as a building block.”

As stated in the paper, any non-uniformity in the generation of these signature nonces can reveal private key information. Given a sufficient number of signatures, hackers can compute private keys and gain access to a user’s wallet and drain its funds.

Do Crypto Users Need to Worry?

According to Dr. Heninger and Breitner, the vast majority of cryptocurrency users need not worry:

“The only reason this would happen is if there is some type of bug in the digital signature code.”

Furthermore, as long as developers use the proper techniques and documented methods to ensure user security, the signature scheme is considered secure:

“As far as we know, ECDSA is a secure digital signature algorithm if implemented correctly. We concluded that these were not common implementations based on the fact that we only found a few thousand vulnerable signatures out of nearly a billion Bitcoin signatures that we examined.”

Furthermore, these vulnerabilities are only “specific to distinct implementations. Furthermore, the authors speculate that the faulty implementationn could possibly be a result of a few multifactor security devices:

“The mention of multifactor security is specific to the case of the signatures we found with 64-bit nonces on the Bitcoin blockchain. Nearly all of them were part of multisig addresses, which is not the usual case on the blockchain, hence our guess of the source. There has since been some further speculation about the specific implementation.”

Now, there are ways for developers to implement ECDSA without the vulnerabilities described in the paper, even for hardware devices. According to Breitner:

“The official blockchain clients get their crypto right… since 2016, the Bitcoin client uses deterministic signatures (RFC6979) which completely removes the need for randomness in the process [eliminating the possibility of the kind of attack employed by the researchers]. If you are using non-standard libraries, or if you write your own crypto routines… you should make sure that these use RFC6979. This is even more important on embedded devices or hardware tokens where a good source of randomness might be hard to come by.”

Profitable for Attackers?

Ultimately, these kinds of attacks are not cost-effective given the amount of time, electricity, and computational power needed to conduct them—even with this new tool added to their arsenal:

“Given that attackers are already exploiting other cryptographic vulnerabilities to compromise wallets, it seems likely that this will be added to their arsenal. However, if one has to pay for the computing time to do the computation, it is probably not a cost-effective attack given the balances that we found associated with vulnerable keys.”

At the end of the day, the research reassures cryptocurrency users that the cryptography underlining Bitcoin and other digital currencies is sound. With tens of thousands of people scrutinizing the underlying code for these systems, it is a testimony that the core security schemes, if used properly, still adequately protect the user—for now.

Commitment to Transparency: The author of this article is invested and/or has an interest in one or more assets discussed in this post. CryptoSlate does not endorse any project or asset that may be mentioned or linked to in this article. Please take that into consideration when evaluating the content within this article.

Source: CryptoSlate

Advertisement

Cryptocurrencies

These are the 3 coins to watch for Q2 2019 – Cryptocurrency

Published

on

These are the 3 coins to watch for Q2 2019 – Cryptocurrency

Which coins are worth keeping an eye on in Q2 of 2019? What are the cryptocurrency projects that are planning big releases, upgrades, updates or even launches of their mainnet in the next three months? These are the 3 coins to watch for in Q2 2019 …

The verdict’s still out on whether the altcoin season is back or not.

However, as Chepicap recently reported, Google Trends has suggested that the topic of altcoins is spiking to levels that haven’t been seen since the 2017 bull run, and as Bitcoin dominance has been slanting ever downwards since its yearly high of 57.86% in September 2018, the writing could be on the wall that altcoin season is about to enter the daily crypto scene once again.

Crypto winter may continue on for months, or even years, but if an altcoin season is imminent, there might be a few projects worth watching as solid contenders to make further upward moves into the top ranks of cryptocurrencies by market cap.

With that in mind, Chepicap brings you the three altcoins to watch for in April 2019.

First up:

Stellar (XLM)

Stellar is living up to its name and has had indeed a ‘Stellar’ ride over the last few weeks, most notably helped out by the announcement that IBM would be utilizing the Stellar network for its World Wire global payment service.

Now that XLM has the momentum on its side, it might even break out of the ‘crypto winter’ bearish trend and break out above $0.12, where it could push on to test $0.14. If XLM eventually breaks through that resistance level, though it might take some time, it could begin its climb up to $0.18.

If news continues to be this positive for the current number 8 cryptocurrency, XLM could see a test up to the $0.18 level later this year, most likely closer towards the Fall season. Of course, if XLM breaks out of what regular technical analysis predicts, then XLM will get there a whole lot sooner.

XLM has seen a 20% increase in price over the second week in March, which has caused the market capitalization of the project to climb from $1.66 billion to almost $2.2 billion. The payment network is now hot on the heels of Binance Coin which also has seen massive growth over 2019.

The Stellar payments network has seen many impressive advancements over the last few months, which will only contribute to the further success of the blockchain project’s native cryptocurrency, lumens (XLM).

While the markets have seen their fair share of green these last few weeks, the most notable movement was without a doubt Stellar leapfrogging Tether. A jump that followed the news of the projects listing on Coinbase Pro.

Coinbase’s fresh listing of XLM will surely raise the exposure to the coin’s profile as well.

Together with the announcement that Mozilla Chief Operating Officer, Denelle Dixon will be joining the Stellar team as the new Executive Director, the team also announced the new logo for the project.

In just little over two weeks time, Stellar managed to hire a new top executive, land a top exchange listing, launch a rebrand of the project, and add 6 international banks which plan to launch stablecoins on IBM and Stellar’s World Wire.

All of which could and should be a catalyst for the projects further success during Q2 in 2019.

Next:

Vechain (VET)

VeChain, the 23rd-largest crypto by total market cap, is a blockchain platform which has its main focus on supply chain management, smart contracts, and financial services.

No, blockchain technology isn’t just limited to finance. There are literally dozens, if not hundreds of areas waiting to be disrupted by blockchain technology. One of the most important ones, fundamental to almost all of the parts of the manufacturing world, is the supply chain, which is where VeChain comes in and where it endeavors to be the absolute number one.

The company started off more than a decade ago, in 2007 as a project, which went on to launch its crypto token in 2015.

VeChain, which has established its offices in Paris, Tokyo, Singapore, and Shanghai, has partnered with a multitude of companies which have a wide variety in expertise in different domains such as agriculture, luxury goods, food, or logistics.

A huge benefit of the VeChain foundation was the introduction of a two-coin system, namely, VET and VeThor, in a bid to provide more stability, and flexibility. It will assist to prevent transactional fees being directly exposed to price volatility, and it will make the VeChainThor blockchain more suitable to conduct financial activities with governments, companies, and the general public traders.

Vechain has positioned itself as a leading platform in the food and wine industry. Earlier in January, the blockchain platform was adopted by three of the biggest wine producers in Italy and in February VeChainThor was featured on the Italian national television this week. Rai 1, the flagship television channel of Rai, Italy’s national public service broadcaster, where they did a report on a breakthrough in the protection of high-quality Italian wines.

Global certification body DNV-GL is now using the VeChain platform to track its wines step for step, resulting in more transparency and less counterfeiting in the wine space.

In addition, Vechain has also extended the scope of the company towards other security sectors like food safety and anti-counterfeiting. In recent months Vechain has seen a major rise in the number of companies adopting its solutions.

Back in January, VeChain announced major partnerships with relevant companies including healthcare company Milly and VET has also been supported by leading storage solution Trust Wallet since February 28.

VeChain has accelerated its integration within the mainstream crypto market. First, by rebranding VeChain as VeChain Thor and introducing its new token as VET, later, with announcements about partnerships with companies like LogSafer, Xminnov, D.I.G, DNV.GL, Renault, BitOcean, China Unicom, and BMW.

Even though the Bitcoin price is still struggling to recover from a catastrophic 2018, and has a hard time to even hold above the $4,000 mark, many different altcoins have seen some impressive gains since the beginning of this year, and Vechain is definitely one of 2019’s best altcoin performers in the top 50.

Vechain’s total market cap currently stands at $293 million and has seen impressive gains of 33% for 2019 so far.

VET is now at its highest price level since the end of November in 2018.  The most recent price spike, of around 17%, was on March 12, which corresponded with a peak trading volume of around $31.4 million.

The price of Vechain has been quite steady in the last few weeks with no significant ups or downs in value. The 23rd-largest cryptocurrency has continued to hover within the $0.005 mark in the past week.

It currently trades for $0.0054 and saw a loss of -2.55% in the last 24 hours. However, the recent partnerships and upcoming VeChain Summit 2019 in San Fransisco on April 18, are expected to give a nice boost to the price of the coin. VeChain remains perfectly placed as we are finding ourselves closer to Q2 2019.

Last, but not least:

The BitTorrent token

BitTorrent Token, a project that didn’t even exist before January 2019, has been making a huge impact on the cryptocurrency market by leapfrogging itself into the rank of the 47th biggest cryptocurrency by market cap.

Read more: 6 Altcoin newcomers in the top 50

Even as BTT has only been around for a few short months, it has already been characterized by its frequent bull runs. The most recent bull run saw the token surge 9%, making it the biggest earner amongst the market’s 50 biggest cryptocurrencies.

According to one trader, BTT has encountered a golden cross, which is a candlestick pattern indicating a short term moving average, crossing above a long term moving average, with higher trading volume, a clear sign of an incoming bull market.

Another trader pointed out that BTT had crossed above a bearish trendline, indicating a bullish move upwards, but added that he would remain apprehensive unless BTT closed above this position.

Chepicap previously pointed out that the actual cause for this bullish momentum most likely is the test launch of BitTorrent Speed, dubbed by Justin un CEO of Tron as ‘the worlds largest decentralized app.’

In the Tron weekly review, the company confirmed that the much awaited BitTorrent Speed will be launched in the second quarter of 2019.

As per the BTT white paper BitTorrent Speed is the application that will reward BitTorrent users with BTT for seeding and bandwidth, enabling faster downloads, and give 100M+ users the opportunity to support content creators all around the world from their torrent client.

As the first version of the BTT live product is planned to launch in BitTorrent by end of Q1 2019 and airdrops will continue to occur on the 11th of each month, one can expect that in Q2 BitTorrent is looking set to defy the cryptocurrency markets even further.

News Source

Continue Reading

Cryptocurrencies

Mineable Cryptocurrencies Are Far More Valuable Than Non-Mineable Coins

Published

on

There are 2,121 digital currencies tracked on market websites with a net valuation of around $140 billion. Statistics for the end of Q1 2019 show mineable digital assets to be the most valuable cryptocurrencies on the market today, with the top eight mineable coins representing 68 percent of the entire cryptoconomy.

Also read: Bitcoin and the Agora: Every Transaction Outside the Nexus of State Control Is a Victory

Mineable Cryptocurrencies Capture Close to 70% of the Market

There are a lot of cryptocurrencies these days but only a handful have a significant fiat value and a large community of supporters. Currently, there are only four cryptocurrencies within the top 10 market capitalizations that are mineable. The remainder have already been minted like Ripple’s XRP, Stellar’s XLM, various initial coin offerings and a few that use the proof-of-stake (PoS) mechanism. The four cryptocurrencies in the top 10 (BTC, ETH, LTC, and BCH) that can be mined have a combined market cap of around $91.7 billion. These coins constitute approximately 65.5 percent of the entire crypto ecosystem’s net worth. The rest of the top 10 non-mineable cryptos are worth a combined total of about $24 billion, which is 17 percent of the whole economy.

Mineable Cryptocurrencies Are Far More Valuable Than Non-Mineable Coins
Top 10 market cap with the top four mineable coins highlighted.

Moreover, there are only eight mineable cryptocurrencies within the top 20 crypto market capitalizations. The coins joining BTC, ETH, LTC, and BCH include BSV, XMR, DASH, and ETC. These mineable cryptos are worth $3.32 billion or 2.2 percent of the entire economy’s valuation. The eight combined mineable coins capture around 67.7 percent dominance and are worth far more than 2,100 other cryptos. All of the top coins that are mineable can be mined by anyone with a standard GPU and ASIC machine. Coins like XMR and ETH have community members who believe in some form of ASIC resistance and when LTC first launched it was supposed to be ASIC resistant but that goal failed almost immediately.

Certain Mining Pools Have Skin in the Game Across Several Cryptocurrency Networks

One interesting fact is that all of the four mineable coins in the top 10 have the same mining pools processing coins. Both BTC and BCH have a great overlap of mining pools that process coins on both networks including organizations such as BTC.com, Antpool, Bitcoin.com, and Viabtc. Similarly, the LTC network has some overlap with both the BTC and BCH networks with pools like F2pool, Antpool, Poolin, and Viabtc.

Mineable Cryptocurrencies Are Far More Valuable Than Non-Mineable Coins
BTC and BCH mining pools have a big overlap of miners processing both chains.

It’s also worth noting that on all three networks these woven sets of mining pools have dominant shares of hashrate in each network. ETH, on the other hand, has very little overlapped pools except for the prominent F2pool capturing a large chunk of ETH’s hash power. At the end of this year’s first quarter, both BTC and BCH have a decent amount of unknown miners. Currently unknown miners processing BCH capture roughly 19.4 percent of the network hashrate. Meanwhile, unidentified miners on the BTC chain have about 23.9 percent of the current hashrate.

Mineable Cryptocurrencies Are Far More Valuable Than Non-Mineable Coins
ETH and LTC have a lot less overlap except for F2pool.

There’s a wide variety of coins these days, many of whose teams criticize mineable cryptos for ‘wasting’ resources. This is a huge talking point for certain pre-mined coins that ditch the proof-of-work consensus algorithm but data clearly shows mineable assets are close to two-thirds more valuable than non-mineable tokenized assets. The public can also see that a good portion of the world’s top mining pools diversify their hashrate, demonstrating the faith they hold in these mineable digital assets.

What do you think about the top mineable coins being more valuable than the rest of the cryptconomy? Let us know what you think about this subject in the comments section below.

Image credits: Shutterstock, Coin Dance, Blockchain.com, and Pixabay.

At Bitcoin.com there’s a bunch of free helpful services. For instance, have you seen our Tools page? You can even look up the exchange rate for a transaction in the past. Or calculate the value of your current holdings. Or create a paper wallet. And much more.

Source.news.bitcoin

Continue Reading

Cryptocurrencies

Bitcoins’ (BTC) Sudden Movement Suggests a Dump, But ETH, EOS, LTC, BCH And BNB Take Lead for Altseason

Published

on

Bitcoins’ (BTC) Sudden Movement Suggests a Dump, But ETH, EOS, LTC, BCH And BNB Take Lead for Altseason

The market apprehension for a movement in Bitcoin price grows by each passing day. It might be an indication of accumulation in Bitcoin. However, some technical indicators also suggest a downward motion. The bearish engulfing channel on 21st March with a break-down from the uptrend indicate bearish momentum for Bitcoin.

The price of Bitcoin (BTC) at 13 00 UTC on 24 March 2019 is trading at $4027. The price on a weekly scale reflects no movement. However, there was a dump on 21st March from which the market has recovered. Nevertheless, $3850 on the downside and $4150 on the upside remains the primary support and resistance level respectively.

On the Fundamental front, traders are awaiting the Mt. Gox credit date. It is estimated that about $600 million in cryptocurrencies and FIAT will be reimbursed to the victims of the hack in 2014. Hence, the market is unsure whether it will result is a spike or a downtrend. The Bitcoin ETF proposal which is expected to increase the demand for Bitcoin as an asset is also pending eternally with the US SEC with no confirmed deadline.

Ethereum and EOS Continues to Consolidate

Ethereum which was under bearish pressure since June in 2019, looks to break above the 50,100 and 200-Day Moving Average. The three Moving Average lines are coinciding with each other on the 1-day chart of ETH/BTC.

Ethereum has stayed stable over the week near the $140 mark in the range of $3. The price of Ether (ETH) at 13 00 UTC on 24 March 2019 is trading at $137.5.

Ether chart
ETH/BTC 1D Chart on Bittrex

EOS which was recently ranked above Ethereum in a Chinese Survey has continued to maintain a stable position at number five w.r.t to total market capitalization. The price of EOS at 13 00 UTC on 24 March 2019 is trading at $3.65. It is trading 3.5% lower on a weekly scale.

Litecoin (LTC) and Bitcoin Cash (BCH) Price Movements

The price of Litecoin (LTC) at 13 00 UTC on 24 March 2019 is trading at $60.06. It is trading 2% lower on the weekly scale, but the decisive break above $60 seems to mark bullish momentum for Litecoin. The price is also moving above the 50,100,200-Day Moving Average.

Litecoin chart
LTC/BTC 1-D chart on Bittrex

The price of Bitcoin Cash (BCH) at 13 00 UTC on 24 March 2019 is trading at $166.62. It is trading 9.24% higher on the weekly scale. The 1-Day chart of Bitcoin Cash resembles the chart of Litecoin. Moreover, their utility and performance are also comparable. Hence, in a diverse cryptocurrency market coupling of these currencies is a possibility.

Cardano’s ADA Out-Performs the Other Platforms

The price of Cardano’s token (ADA) at 13 00 UTC on 24 March 2019 is trading at $0.062. It is trading 22% higher on the weekly scale. IOHK, the Hong-Kong parent organization behind Cardano announced the successful completion of its Byron Phase and has successfully moved to the Shelly phase. Despite stiff competition from other popular platforms like Ethereum, EOS, and Tron, Caradon continues to be in the top ten cryptocurrencies by market capitalization.

Cardano
Cardano Updates Roadmap

Binance (BNB) Coin and Huobi Token (HT)

The Exchange based token Binance (BNB) coin and Huobi Token (HT) have made significant progress since the beginning of the year 2019. These two are the most successful Exchange backed tokens. Nevertheless, BNB is ranked 7th while Huobi Token (HT) is ranked 50th w.r.t total market capitalization.

The price of Binance (BNB) Coin at 13 00 UTC on 24 March 2019 is trading at $17.02. It is trading 7.64% higher on the weekly scale. The price of Huobi Token (HT) at 13 00 UTC on 24 March 2019 is trading at $2.52. It is trading 22% higher on the weekly scale.

Some of the other notable action in altcoin market was observed in Basic Attention Token (BAT), Tezos (TZX), Zcash (ZEC), Augur (REP), Digibyte (DGB), Huobi Token (HT), Enjin Coin (ENJ), and OmiseGo (OMG). These tokens registered double-digit gains over the week. The rise in Tezos (TZX) was the highlight with a surge of almost 40% followed by Huobi Token (HT) and Digibyte (DBG).

News Source

Continue Reading
Advertisement
Advertisement
Open

Close