Attacks detected on cryptocurrency
More and more people are using cryptocurrency, but money can be burnt on the Internet too. Researchers at Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) have urged for caution. Together with the University of Saarland, they have detected attacks on Zerocoin as well as uncovering potential security issues relating to the cryptocurrencies Zcoin, PIVX, SmartCash, Hexxcoin and Zoin. They discovered several instances in which issuing honestly generated coins was hindered, the same coins were spent more than once and money was stolen.
Cryptocurrency is digital currency created on the basis of cryptography, in other words methods typically used to secure communication. The most well-known is Bitcoin, which was launched in 2009 as the first publicly traded cryptocurrency. Thousands of other cryptocurrencies have been introduced since, attracting the interest of researchers as well.
Cryptographic attack on Zerocoin
Several cryptocurrencies use the Zerocoin protocol which is based on digital serial numbers. Following the same system as bank notes, each serial number is only used once for digital coins. In the event of a cryptographic attack, however, the attacker succeeds in creating a second Zerocoin with the same serial number – comparable to forging a bank note.
Researchers from the Chair of Applied Cryptography at FAU were able to detect a ‘denial of spending’ attack on Zerocoin. Prof. Dr. Dominique Schröder describes this attack as follows: ‘An honest person would like to pay using a coin and sends their transaction including the serial number to the network. An attacker, who presumably has control over the victim’s network, blocks the message with the transaction and ensures that it fails to reach the nodes in the cryptocurrency’s network.’ The attacker then generates a forged Zerocoin with the same serial number and sets it into circulation. Schröder explains that for the honest owner, their coin has effectively been burnt.
The attacker only benefits financially from the move when the reputation of the currency is damaged after news spreads of the attack. Attackers speculate on the currency falling in value after news of the security leak spreads. By finding several victims and publicising the matter themselves, attackers are set to make a profit if and when the currency loses value.
Security loopholes in other cryptocurrencies
Researchers also came across two programming errors in the libzerocoin library, used by the cryptocurrencies Zcoin, PIVX, SmartCash, Hexxcoin and Zoin. One of these errors allowed attackers to basically create money from thin air, leading to an inflation of the currency. A further error in transaction signatures allowed attackers to steal money from honest users.
Majority of problems resolved
Most problems have since been resolved after FAU researchers raised the issue with the developers and worked together to find a solution. As far as Zerocoin is concerned, the researchers recommend no longer creating the serial numbers using a randomly chosen bit string, but to use a new random public key instead. An attacker will then still be able to see the serial number, but will be unable to sign the transaction without the private key. The libzerocoin library has also been overhauled.
The researchers advise owners of cryptocurrency to use the latest version of their wallet, to contact the developers if they are in any doubt and to refrain at the moment from using any zerocoins they have from Zcoin or Zoin which have not yet been spent.
Further information can be found on the Chair of Applied Cryptography blog.
Prof. Dr. Dominique Schröder