Potential attacks against ECDSA: an approach to raw public key
The use by Ethereum of digital signatures of the Elliptical Curve (ECDSA) has made it one of the most adopted cryptocurrencies. However, this approach to cryptography also leaves room for potential vulnerabilities. In this article, we will explore two types of attacks that could be possible if raw public keys were used as addresses instead of chopped addresses.
Why are the chopped addresses secure
Before diving into potential attacks, let’s review quickly why the chopped addresses are considered secure by default in Ethereum. The Ethereum address format is designed to prevent an attacker from using a single address for several transactions. The hash guarantees that each address is unique and cannot be used for any transaction.
The use of atmosphere like addresses offers several advantages:
* Uniqueness : Each address is chopped, which practically makes reuse or compromise impossible.
* Determinism : The hash value of an address is always translated by the same outing, reducing the probability of collisions.
* Non-repudiation : With chopped addresses, it is difficult for an attacker to deny participation in a transaction.
Potential attacks against raw public keys
If raw public keys were used as addresses instead of chopped, two types of attacks could be possible:
Attack 1: hash collision
A hash collision occurs when two different entries produce the same output. In this case, if we use raw public keys as addresses, a hash collision could occur if an attacker has a large number of public keys and uses them to try to create a new address.
Why it’s possible
The hash collisions are possible because there are many possible entries (public keys) which can produce the same output (chopped value). For example:
- A public key “a” hash to a specific outing.
- Another public key “B” at the same exit as “A”.
- And so on.
This could lead to an attacker to create several addresses with the same chopped value, which allows them to compromise transactions or steal funds.
Attack 2: Exhibition of private keys
If raw public keys are used as addresses, a private key (the secret associated with each address) can also be exposed. Indeed, the hash only the output, not the input. An attacker could potentially obtain a copy of your private key by using weaknesses in your wallet or using brute force attacks.
Why it’s possible
Although the minced outings are secure, it is possible for an attacker to obtain the associated private keys if they have sufficient resources or expertise. This could allow them to compromise transactions or access sensitive information about your assets.
Conclusion
In conclusion, although raw public key addresses may seem a practical and simple solution, they also introduce potential security risks. The use of chopped addresses provides robust protection against these types of attacks due to the unique nature of their hash mechanism. However, it is essential to remember that even with chopped addresses, there is no guarantee against all possible attacks.
To minimize vulnerabilities, Ethereum developers continue to explore means to improve the safety and resilience of their blockchain network. Whether you prefer chopped or public key addresses, understanding the potential risks associated with each approach is crucial to make informed decisions on your cryptocurrency investments.