Nobody yet knows how 5 million of dollars in bitcoins were stolen from bitstamp (reported on 5 Jan 2015). One expert report by Ferrin can be found here, however it is not clear if anybody knows at all HOW these bitcoins have been stolen. The bitcoin address of the thief is also known. Possibly bitcoin …
Continue reading ‘Speculation About The New Theft – 5 Million Dollars Stolen’ »
It appears that at least 100,000 USD were recently stolen from Blockchain.info wallets. Then a lot more was stolen again as reported on 15 Dec. Let us try to get make sure that we understand these events properly. Historical Background Bad random events in the blockchain have been known since January 2013. We have written on this …
Continue reading ‘Now At Least 200,000 USD Stolen From Blockchain.Info Wallets’ »
In a recent paper, Ittay Eyal from Cornell University takes the block withholding attacks to the next level. Very interesting work. We are going to decrypt and clarify a few things regarding this paper and how it relates to other previously published works (in particular our paper). The Invention of Block Withholding The danger of a block …
Continue reading ‘Block Withholding Attacks – Recent Research’ »
There is very little hope. Here is the latest revision (November 2014) of the recent paper this topic (May 2014) which explains how anyone can link seemingly anonymous bitcoin accounts to IP addresses. These recent de-anonymization techniques can be easily implemented, and are also expected to distinguish between different users are sharing the same IP address and …
Continue reading ‘Can Bitcoin Users Hope To Remain Anonymous’ »
Bad random events are still happening in the bitcoin blockchain, such events are observed on a regular basis. They are probably due to some yet unpatched software (cf. section Mitigation Points here). Here is the latest such event at the moment of writing, it has occurred on 29 November 2014, see here. Two different bitcoin …
Regin is a highly targetted malware designed to watch over just a handful of targets, with only around 100 infections uncovered since 2008, including the famous cryptographer Jean-Jacques Quisquater. It entails “a degree of technical competence rarely seen,” according to Symantec. Targeted Surveillance Known targets are government bodies, banks, small businesses and academics. Quisquater have been …
Continue reading ‘Regin Malware Watches Cryptographers Among Other High Profile Targets’ »
All cryptographers understand the difference between a standard elliptic curve which everybody uses and recommends (say NIST, NSA, NATO, Microsoft, EMV bank cards etc) and a bizarre elliptic curve which nobody ever uses and which no responsible crypto engineer would recommend, except strangely in bitcoin. How to Upgrade It would be incredibly easy to upgrade, …
Continue reading ‘How To Upgrade The Bitcoin Elliptic Curve’ »
So many times we have learned about cryptography and security the hard way. One of the key problems is ignoring the advice and warnings, which are plainly written in the current crypto literature. This without the slightest ambiguity, so that there is very little doubt about what a reasonable and professional security practice is. The Story …
Continue reading ‘Controversy Around Bitcoin Elliptic Curve’ »
There is a wave of new powerful cryptographic attacks on bitcoin systems. There are several types of attacks: Attacks which use poor random number events. It has already happened hundreds of times in the bitcoin blockchain since 2012. Now there is a recent massive outbreak of such events. Here is a recent example from 1 Nov …
Continue reading ‘New Powerful Attacks On ECDSA In Bitcoin Systems’ »
The answer is: just accept to receive a regular payment with bitcoin core client v0.9.2.1. All your bitcoins may be lost! Here are the facts. Today we have done the following experience. I had my client synchronized and running on my laptop, then suddenly it hanged and I had to reboot it. Just few minutes before …
Continue reading ‘How to Lose Your Bitcoins with Bitcoin Core Client’ »