A new type of fraud: revealing the private keys

In cryptosuite a new kind of fraud: the spread of wallets with non-random algorithm for generating the private keys. An anonymous user on the website Pastebin has submitted evidence that one of the wallets for Bitcoin generate private keys which are very easy to decipher and therefore to take in the hacked bitcoin wallet. The name of the purse in the publication is not mentioned, also not reported whether these actions are the result of malware or just a code error.

To understand the nature of the detected problems, it is necessary to understand how bitcoin works in General, and in particular, what constitutes the private key.

If you imagine a cryptocurrency wallet address in the form of a castle, the private key is used to open the lock, and to spend the money stored inside.

When you create a wallet on the device — whether computer, phone or anything else, generates a random set of letters and numbers is the private key. That is the private key (and only it) provides the right of possession of the coins. Control of the private key allows to spend coins from the wallet.

Here is the private key:

6c951c460a4cfe5483863adacafad59e5de7e55876a21857733ca94049d7d10c

After the private key is created, it passes through a hashing function. The hash function is a mathematical function which, after insertion of numbers or strings, returns a different, a new chain, which has no feedback with the first number/chain. To the second of the first is very simple, whereas to the former from the latter is mathematically impossible. The second number is public (open) key and hashed again — this time, to get the addresses of bitcoin wallets.

«Decrypt» the private key

Since the private key could literally be anything, technically we can take any phrase or string of letters and numbers and use them as the private key (e.g., «satoshi nakamoto») . In other words, you can throw in a hash function is any set of symbols and create a wallet. It then creates a public key and – welcome to the world of cryptocurrency! But to do so is strongly discouraged, since it is obvious that if you are able to come up with a private key, to reveal his will and someone else. This key will not be truly random, and it is this property necessary to create a secure wallet.

For example, wallet, BrainWallet.io is equipped with a tool that enables users to place all that they wish, and to obtain a public/private key. Because the blockchain is a public registry, it is possible to observe a variety of locations generated from common phrases. The use of such phrases as keys, to put it mildly, it is unwise, however, sometimes people just send coins to just to leave a trace in the blockchain.

Check the private keys for the detection of bitcoins

An anonymous Pastebin user used is available in the blockchain pieces of data in order to check whether you have used some of them for creating wallets. He used the hashing for each block, taking hashed several times simple words and phrases, and finally began to test all the addresses of bitcoin. In addition to addresses with unspent balances, it also included in its analysis addresses with a zero balance.

The first experiment was to verify the hashes of the block numbers and was to determine whether they used these block numbers to create private keys. Indeed, the user was discovered more than four addresses over the last seven years was used to obtain bitcoins. All were subsequently cleared, however, the user decided to continue the investigation.

Then he used the roots of Merkle (Merkle roots) some blocks for the existence of the disclosed keys, and again he managed to find the address that sent the coins. Unfortunately, the balance was zero, but the hunt became more interesting. The third experiment was conducted using simple words, a few times the last hash, such as “hello” or “sender”. The hashes of these words then heiropolis again and again, adding an extra layer of protection and reducing the chances that the key will open. If you zahariuta the word once, then you will be able to repeat it again and again, and eventually you will get a private key that has ever used. Thus was discovered a few addresses using this method. One of the most fun was the word “password” (password) and hash which 1 975 times obtained a valid private key that sent the funds. More than likely that the Creator of this address, was born in 1975.

In the last experiment, a user took the list of all bitcoin addresses and tested all public address, to check whether they are used as private keys. And again he searched for fragments of the blockchain and found dozens of addresses. Unlike many of them was the fact that they receive and spend bitcoins quite recently — in the last days or weeks.

The idea of using public addresses to the private key makes no sense and very risky as it is easy to open. Such addresses received bitcoin and took them within minutes or hours after confirmation. And it is here that an anonymous user Pastebin suspected that something was wrong.

What’s really going on?

The Pastebin user said that the service of one of the third-party wallets (pool mining, gambling site online or simply purse), may contain within its backend is based on public addresses malicious code, allowing someone to steal the coins. Presumably, this code works for several years, and all the while he is stealing bitcoins. On the other hand, it is possible that non-random keys are created as the result of a system error, not hackers.

User created bot for a continuous scanning address data and intercept all send them bitcoins, and by chance he came across a transaction in 0.5 bitcoins to the address with the disclosed private key. Unfortunately, the bot worked well enough, and it failed during the create transaction. Bitcoins were recovered from her purse and sent on. However, the user got suspicious and continued to experiment with the bot, and then he noticed that similar «address collection» was used in a variety of methods of disclosure of keys. At least one address from all methods listed bitcoins, one after another, someone that controls the entire system. Every day the user watched more than 6 transactions that passed through its database of private keys.

For example, a user Reddit under the name /u/fitwear told about the hacking of the purse blockchain.info and stealing almost 9 BTC. Despite the fact that when you create the wallet he carried out all safety precautions (use a strong password and two-factor authentication), his bitcoins are gone. In response to the appeal to the technical support he received the standard response referring to the fact that someone may have possession of its data, or its structure was damaged by a virus.

An anonymous Pastebin user has managed to find 9 of bitcoins on the address, copy the private key to which was contained in its database. The user /u/fitwear got lucky and got their bitcoins back, however, further investigation of the address revealed a very disturbing details.

It is obvious that assumptions of technical support blockchain.info about the virus completely unfounded – it is logical that the developer would have created the private key of any of the confidential information and not a random address. The fact that the address is random, giving anyone understand this scheme the chance to collect coins before a hacker can send them to a wallet under their control. There’s something definitely doesn’t add up.

The code will need to generate a decrypted private keys, is surprisingly simple – it’s just a pair of hash functions. In the case of a third-party provider of the wallet, this piece of malware would be hidden among thousands of lines of code. In addition, this feature would attract attention during a code review, because it just hachirogata public address. In the same way, when we hide something in plain sight. If the virus was encoded in a way that creates a private key, known only to the attacker and his victim, it would be much more suspicious than coding the system of generation of a key that produces easily reveal the private key.

What’s next?

Despite the fact that the discovered information is very alarming, the security of Bitcoin is not affected. 99.999% of the generated private keys are generated at random, and if the key is generated correctly, statistically, the possibility that your private keys are decrypted, very insignificant. Referring to the example with the number of seconds since the universe began, attempting to uncover a randomly generated key can be compared with the guess in all of this is the number of seconds one particular second. It is very unlikely that you will guess at least a year, not to mention the month, day, hour, minute and second. If you have checked the purse and control its private keys, you will 100% not be affected.

Should worry people who use the services of third parties, such as exchanges or online wallets. On the other hand, it is also worth noting that direct evidence of the involvement of the website blockchain.info or someone else stealing bitcoin /u/fitwear or other suspicious transactions detected anonymous user in the blockchain, does not exist.

In fact, everything else is quite simple. If you control your private keys, and they were created randomly, you will not become a victim of such attacks.

Добавить комментарий