Ethereum: Birthday attack on P2SH
Ethereum: birthday attack on P2SH – safety sensitivity to display
As one of the most popular and most -used blockchain platforms, Ethereum was a pioneer in implementing various security functions to protect user transactions. However, there is a special susceptibility to the payment option 2 (P2), especially associated with the use of the Hash160 algorithm. This weakness also known as birthday attacks is a significant threat to the security and integrity of Ethereum transactions based in P2SH.
Hash160 algorithm
Hash160 is an algorithm developed by SIREMD, which indicates the Riemann integrity protocol with an algorithmic message (Pire-Up). It is used primarily in Bitcoin and other similar cryptocurrencies to create a digital signature for each data block. After applying to the P2SH transaction on Ethereum, the Hash160 algorithm is used to check the integrity and authenticity of these transactions.
Sensitivity of a birthday attack
A birthday attack uses susceptibility in the way Hash160 calculates its result. In particular, it uses the property of this shortcut, they collide more often than others. Simply put, some consumption (“birthday”) has more possible results. Carefully choosing an entrance and analyzing these collisions, the attackers can get confidential information about the portfolio of other users or private keys.
In the case of Ethereum, this susceptibility to this gap can be used with the help of a malicious actor with access to the Hash160 algorithm to find a private key to another user without knowing the password or expression of sperm. If he is successful, they can potentially dry the funds to the wallet or get unauthorized control over its property.
influence and alleviation
Birthday’s susceptibility is relatively new and has been discovered in various eThereum forks and implementation. To alleviate this risk:
- Safe key handling out : Implementation of safe keys to generate keys and make sure that private keys for the user are safely stored.
- A shortcut collision resistance
: Make sure Hash160 is designed with collision -resistant properties, which hinders the attacker to use vulnerability.
3
Application
Although the susceptibility to the P2SH in Ethereum may seem small compared to other security problems, it emphasizes the importance of the development of liquid software and efforts to ensure that the blockchain platforms remain safe. While programmers and users still cross the boundaries of what is possible in these systems, Awake Awake remain crucial for potential susceptibility.
Understanding this problem and taking steps to relieve its influence, we can cooperate to create a safer and reliable ecosystem for all interested parties in Ethereum.
Bir yanıt yazın