Blockchain/ Distributed Ledger

Back to discussions
Expand all | Collapse all

Wallet Security and Key Space

  • 1.  Wallet Security and Key Space

    Posted Jun 15, 2020 12:24:00 PM
    The article "Loopring's Frontend Vulnerability, Explained" published in Medium talks about use wallet security related to the key space. 
    The analysis shows that due to use of non-standard hash function, the wallet's account key has only 32 bit space, which is very easy to emmulate and attack. This could be a good use case for the front end wallet design and key security. 


    ------------------------------
    Ken Huang
    DistributedApps

    ------------------------------


  • 2.  RE: Wallet Security and Key Space

    Posted Jun 16, 2020 10:21:00 AM
    @Kurt Seifried Thoughts on this? ​

    ------------------------------
    Hillary Baron CCSK v4
    Program Manager, Research
    CSA
    Seattle WA
    ------------------------------

    Original Message


  • 3.  RE: Wallet Security and Key Space

    Posted Jun 16, 2020 11:35:00 AM
    This is actually something I've been researching in general, hash functions, search space, at what point do we consider a value "unguessable" aka how resistant are these to birthday attacks? For some numbers please see:

    https://en.wikipedia.org/wiki/Birthday_attack

    The TL;DR: 32 bit and below is to small, 20 years ago it was maybe ok, but not now. 32bit integer (4bytes) times 2^32 integers... is a mere 32 gigabytes of data (plus overhead, my gaming PC has 32gigs of ram...) and a modern CPU can grind through the space in minutes. 64 bit is not currently safe (and certainly won't be in a decade), 128 bit is ok now and probably safe for a while, but 256 bits is probably the simplest long term strategy if you want to be collision resistant for the next few decades (assuming your hashing system has no major flaws). 

    As such as hashing algorithm like SHA-3, which conveniently outputs a 256bit hash value is your best bet, also it's the most tested/analyzed of the newer hashing algorithms, NIST approved, etc and shows good resistance to quantum attacks. Back to the old "people who roll their own crypto (and by extension hashing) are probably doing it wrong" maxim.


    ------------------------------
    Kurt Seifried
    Chief Blockchain Officer and Director of Special Projects
    Cloud Security Alliance
    [email protected]
    ------------------------------

    Original Message


  • 4.  RE: Wallet Security and Key Space

    Posted Jun 17, 2020 10:29:00 AM

    This has nothing todo with Birthday Attack, and they are correctly using the right hashing function, the problem is with the processing of the seed. In a BIP39 compliant wallet the password in reality is used as salt. The problem was the faulty implementation of the Key Stretching Function reduced the entropy and thats it. 

    for more context please check;
    https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki 
    https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki 



    ------------------------------
    Chaddy Huussin
    VP
    JPMC
    ------------------------------

    Original Message


  • 5.  RE: Wallet Security and Key Space
    Best Answer

    Posted Jun 18, 2020 07:24:00 PM
    Sort of correct, but not entirely. The problem is it uses a hash, as we know all hash have a finite output (usually 32, 64, 128, 160, 224, 256, 512, etc. bits), so no matter what there are always (theoretically at least) more inputs than outputs (although past 128 bits the practicality dies off rapidly unless the hash is somehow significantly flawed). 

    In this case the hashing algorithm used has a significant flaw rendering the whole point moot (it mangles the data into a forced 32 bit output). As such there are now two major factors:

    1) the entire key space is so small that you don't have to guess per se, you can simply brute force it quickly. 
    2) the hash is so sufficiently bad that we can just walk though 00000000 - FFFFFFFF, we don't have to go "beyond" and try anything else (e.g. the permutation of the data is weak)

    Basically they did this so badly that you can skip most of the birthday part of the birthday attack. 

    However even with a proper hash algorithm instead of what they used, they could still be potentially vulnerable to a birthday attack (e.g. MD5).

    ------------------------------
    Kurt Seifried
    Chief Blockchain Officer and Director of Special Projects
    Cloud Security Alliance
    [email protected]
    ------------------------------

    Original Message


  • 6.  RE: Wallet Security and Key Space

    Posted Jul 24, 2020 10:22:00 AM
    Also a heads up, the wallets group hit critical mass so it's been stood up in Google Groups.

    ------------------------------
    Kurt Seifried
    Chief Blockchain Officer and Director of Special Projects
    Cloud Security Alliance
    [email protected]
    ------------------------------

    Original Message


  • 7.  RE: Wallet Security and Key Space

    Posted Dec 16, 2020 10:57:00 AM
    Edited by Ken Huang Dec 16, 2020 11:00:09 AM
    The CSA China Chapter has recently published Digital Wallet security practise and testing strategies. In case you are interested, it is open souce and can be found at the following URL. You can use Google Translate to translate Chinese to English.

    https://lnkd.in/eYRFyiD

    ------------------------------
    Ken Huang Chair, Blockchain Security Working Group, CSA GCR
    ------------------------------

    Original Message


  • 8.  RE: Wallet Security and Key Space

    Posted Dec 16, 2020 01:18:00 PM
    @Ken Huang​ - Would the China Chapter be interested in doing a full translation of the document? Then we could publish both versions through CSA Global.

    ------------------------------
    Hillary Baron CCSK v4
    Program Manager, Research
    CSA
    Seattle WA
    ------------------------------

    Original Message


  • 9.  RE: Wallet Security and Key Space

    Posted Dec 18, 2020 10:28:00 AM

    Hi, Hilary:

    CSA GCR has already published 7 blockchain related security document in Chinese so far. We are behind in translating them into English and may need help to recruit some volunteers to do the translation. Here are the 7 documents which were published during CSA GCR Annual Conference in Shanghai, in early December this year

    1: Digital Wallet Security Practise and Testing

    2: Top Crypto Exchange Security Risks

    3: Blockchain Data Layer Security

    4: Smart Contact Security and Testing Guide

    5: AML and Chain Analysis for Digital Asset Transactions.

    6: Dapp Security Best Practise and Testing 

    7: Decentralized Identity Security and Privacy Considerations

    Next year, we will work on the following two white papers:

    1: Consensus Algorithm Security Best Practices (Led by two Professors from Peking University)

    2: Blockchain Network Securtiy (Led by a professor and Dean of Computer Science from Beijing Institute of Technology)



    ------------------------------
    Ken Huang Chair, Blockchain Security Working Group, CSA GCR
    ------------------------------

    Original Message


  • 10.  RE: Wallet Security and Key Space

    Posted Jan 29, 2021 12:21:00 PM
    Has there been any movement on this? I'm definitely interested to find out. Also, can you provide the original Chinese versions? (Google translate is better than nothing). Thanks

    ------------------------------
    Kurt Seifried
    Chief Blockchain Officer and Director of Special Projects
    Cloud Security Alliance
    [email protected]
    ------------------------------

    Original Message


  • 11.  RE: Wallet Security and Key Space

    Posted Feb 01, 2021 08:18:00 AM
    @Kurt Seifried I will send you the pdfs.  Ken has sent them to me.​

    ------------------------------
    Hillary Baron CCSK v4
    Program Manager, Research
    CSA
    Seattle WA
    ------------------------------

    Original Message


  • 12.  RE: Wallet Security and Key Space

    Posted Feb 01, 2021 09:55:00 AM
    Hi, Kurt and Hillary:

    Yes, the internal circle link to posted PDF files are here as well:

    https://circle.cloudsecurityalliance.org/community-home1/digestviewer/viewthread?GroupId=133&MessageKey=4b5e1a4d-7c36-4deb-b54a-1d713016a297&CommunityKey=a9786cbe-105a-420f-a353-8bbe10ab684d&tab=digestviewer&ReturnUrl=%2fcommunity-home1%2fdigestviewer%3fcommunitykey%3da9786cbe-105a-420f-a353-8bbe10ab684d%26tab%3ddigestviewer

    The Data Layer Security for Blockchain white paper is still under final review and will be released around June or July time frame.

    Thanks





    ------------------------------
    Ken Huang Chair, Blockchain Security Working Group, CSA GCR
    ------------------------------

    Original Message