A new research finding has picked out vulnerabilities in the new class of Bitcoin Elliptic Curve Digital Signature Algorithm (ECDSA) signature that entities have, since 2015, been using to steal funds from unsuspecting users, skimming over 222 bitcoin (BTC) over the years.
Weakness in Bitcoin ECDSA signatures exposed
The study, whose findings were released on June 9, shows that flaws in custom ECDSA signatures can expose the sender’s private keys and even go a long way in disclosing not only the true identity of the sender but their respective addresses, especially if the sender is online.
Researchers have found a new way to exploit a vulnerability in how ECDSA signatures are created in Bitcoin. The weakness occurs when the “signature nonce is generated by concatenating half of the bits of the message hash together with half of the bits of the secret signing key.” In this way, the attacker can proceed to create fake ECDSA signatures that appear to be valid.
To execute this “lattice-based attack,” researchers said the attacker could recover the sender’s ECDSA private keys only if they knew the nonce used to generate a single signature. A nonce in Bitcoin is a unique, random number generated by a miner that’s used to create a hash. This hash satisfies Bitcoin’s difficulty requirements when verifying a block of bitcoin (BTC) transactions, preventing fraud and double spending.
Approximately 90,000 custom signatures affected
The ECDSA signature is an algorithmic algorithm that is used to sign transactions. In the Bitcoin blockchain, all private key holders, that is, the owners of bitcoin (BTC), must sign transactions, verifying that they are owners before those transactions are processed on the chain.
The ECDSA signature necessary to approve transactions is created using the private and public keys of the sender. This ECDSA signature algorithm is critical in ensuring that only the sender of the coin is the true owner. At the same time, it protects against double-spending and fraud.
The new finding reveals that custom ECDSA signatures in the blockchain network are vulnerable and can leak funds, true identities, and the sender’s location. During the investigation, nearly 90,000 vulnerable custom ECDSA signatures were identified. These were created by 900 different addresses that have since moved 222 BTC.