Block Withholding Attacks – Recent Research

In a recent paper, Ittay Eyal from Cornell University takes the block withholding attacks to the next level. Very interesting work. We are going to decrypt and clarify a few things regarding this paper and how it relates to other previously published works (in particular our paper). The Invention of Block Withholding The danger of a block …

Continue reading ‘Block Withholding Attacks – Recent Research’ »

More Bad Randoms In Bitcoin Blockchain

Bad random events are still happening in the bitcoin blockchain, such events are observed on a regular basis. They are probably due to some yet unpatched software (cf. section Mitigation Points here). Here is the latest such event at the moment of writing, it has occurred on 29 November 2014, see here. Two different bitcoin …

Continue reading ‘More Bad Randoms In Bitcoin Blockchain’ »

Regin Malware Watches Cryptographers Among Other High Profile Targets

Regin is a highly targetted malware designed to watch over just a handful of targets, with only around 100 infections uncovered since 2008, including the famous cryptographer Jean-Jacques Quisquater. It entails “a degree of technical competence rarely seen,” according to Symantec. Targeted Surveillance Known targets are government bodies, banks, small businesses and academics. Quisquater have been …

Continue reading ‘Regin Malware Watches Cryptographers Among Other High Profile Targets’ »

How To Upgrade The Bitcoin Elliptic Curve

All cryptographers understand the difference between a standard elliptic curve which everybody uses and recommends (say NIST, NSA, NATO, Microsoft, EMV bank cards etc) and a bizarre elliptic curve which nobody ever uses and which no responsible crypto engineer would recommend, except strangely in bitcoin. How to Upgrade It would be incredibly easy to upgrade, …

Continue reading ‘How To Upgrade The Bitcoin Elliptic Curve’ »

Controversy Around Bitcoin Elliptic Curve

So many times we have learned about cryptography and security the hard way. One of the key problems is ignoring the advice and warnings, which are plainly written in the current crypto literature. This without the slightest ambiguity, so that there is very little doubt about what a reasonable and professional security practice is. The Story …

Continue reading ‘Controversy Around Bitcoin Elliptic Curve’ »

New Powerful Attacks On ECDSA In Bitcoin Systems

There is a wave of new powerful cryptographic attacks on bitcoin systems. There are several types of attacks: Attacks which use poor random number events. It has already happened hundreds of times in the bitcoin blockchain since 2012. Now there is a recent massive outbreak of such events. Here is a recent example from 1 Nov …

Continue reading ‘New Powerful Attacks On ECDSA In Bitcoin Systems’ »

How to Lose Your Bitcoins with Bitcoin Core Client

The answer is: just accept to receive a regular payment with bitcoin core client v0.9.2.1. All your bitcoins may be lost!  Here are the facts. Today we have done  the following experience. I had my client synchronized and running on my laptop, then suddenly it hanged and I had to reboot it. Just few minutes before …

Continue reading ‘How to Lose Your Bitcoins with Bitcoin Core Client’ »

Can Cryptographers Challenge Bitcoin?

A paper at the Financial Cryptography 2012 conference explained that Bitcoin is a system which “uses no fancy cryptography, and is by no means perfect”. Cryptography can do much better than that. Now what kind of bitcoin cryptographers are going to build? Most current proposals are about making anonymous unlinkable untraceable etc etc currency. This is a …

Continue reading ‘Can Cryptographers Challenge Bitcoin?’ »

Most Unix/Linux/Mac Computer Systems Open For Hackers

A critical vulnerability allows remote attackers to execute code on our computers. Immediate patching of everything is recommended. Some points: As bad as Heartbleed, some people say it is worse: severity 10/10. Existed for 22 years since 1992. Not only Unix Linux, MacOS etc. but also Windows. Yes, I have checked with my Cygwin installation …

Continue reading ‘Most Unix/Linux/Mac Computer Systems Open For Hackers’ »

Bitcoin Security and Cryptography: Reasons to Worry

Bitcoin has a toxic culture of NOT taking security and cryptography questions seriously ever. Being able to withstand expert criticism, champion best practices and anticipate the risks is crucial for any open source project. Unhappily we observe that: There isn’t a single academic or scientist at the bitcoin foundation and they don’t like being criticized on …

Continue reading ‘Bitcoin Security and Cryptography: Reasons to Worry’ »