Annoying bug: what kind of Ripple wallets have a critical vulnerability?

Library Ripple, published up to August 2015, are a potential threat to some cryptocell. This project team said in its appeal. According to a recent study conducted by experts at the University of California and DFINITY Foundation in risk were the addresses of the wallets of Bitcoin, Ethereum and Ripple.

New vulnerabilities

The security of public key algorithms to generate digital signature (ECDA), integrated in many crypto-currencies is highly dependent on sets of random data. They are also known as once used of a number or a nonce.

If the private key ECDA is used to sign two messages with the same nonce, in the long term, the key is easy to crack.

The researchers said that they managed to get access to hundreds of cryptocell with BTC, XRP and ETH. They also managed to crack the SSH and HTTPS protocols.

In the case of cryptocurrency private keys that enable us to withdraw funds from the wallets of victims. Using SSH and HTTPS, it is possible to intercept control over the end host.

Fortunately, this vulnerability is easy to fix.

We considered a hacker attack could have been prevented with a deterministic nonce generation. This principle is provided by default in the libraries of Bitcoin and Ethereum.

Source: Reddit

In Ripple stated that the above precaution has been integrated into the project in August 2015. In other words, all addresses, contact bloccano before this time, are potential targets for hackers. If you have an old wallet with XRP, which you have not used in 2015, then you are at risk.

More details on the protection of their digital assets can be found in our cryptodata. We’ll discuss wallets.


Leave a Reply

Your email address will not be published. Required fields are marked *