Financial Cryptography and Data Security: 23rd International Conference, FC 2019, Frigate Bay, St. Kitts and Nevis, February 18–22, 2019, Revised Selected Papers

In this paper, we compute hundreds of Bitcoin private keys and dozens of Ethereum, Ripple, SSH, and HTTPS private keys by carrying out cryptanalytic attacks against digital signatures contained in public blockchains and Internet-wide scans. The ECDSA signature algorithm requires the generation of a per-message secret nonce. If this nonce is not generated uniformly at random, an attacker can potentially exploit this bias to compute the long-term signing key. We use a lattice-based algorithm for solving the hidden number problem to efficiently compute private ECDSA keys that were used with biased signature nonces due to multiple apparent implementation vulnerabilities.
