Researchers have discovered a vulnerability residing in the JavaScript SecureRandom() function used for generating random Bitcoin addresses and their corresponding private keys.
The flaw makes old Bitcoin addresses generated in the browser or via JS-based wallet application vulnerable to brute-force attacks. As a result, attackers can get access to users’ wallets and steal their cryptocurrency funds.
JavaScript SecureRandom() Library Not Securely Random
Cryptography is profoundly unforgiving of errors. You don’t mess with it. You don’t roll your own — you need battle-hardened algorithms that have been torture-tested by the most technically ruthless cryptographers you can find, said the researchers who reported the issue.
On top of that, they added, “the popular JavaScript SecureRandom() library isn’t securely random”.
The issue is stemming from the function not generating random data as it is supposed to do.
The function will generate cryptographic keys that, despite their length, have less than 48 bits of entropy, meaning that the key’s output will have no more than 48 bits of entropy even if its seed has more than that, researchers added.
SecureRandom() then runs the number it gets through the obsolete RC4 algorithm, which is known to be more predictable than it should be, i.e. less bits of entropy. Thus, your key is more predictable.
All of the above means that the Bitcoin addresses generated through the the SecureRandom() function are prone to brute-force attacks that may reveal the user’s private key. If the latter happens, the user’s funds may be stolen.
Who is affected?
Apparently, all wallets generated by js tools within browsers since the beginning of Bitcoin until 2011 are impacted by the Math.random weakness if applicable to the related implementations, the Math.random or RC4 (Chrome) weakness between 2011 and 2013, and RC4 weakness for Chrome users until end of 2015, researchers clarified.
In other words, these keys will be easy to crack by brute-force attack of computing power.
The flaw affects users if they use old crypto addresses generated via JavaScript within the browser. If this is the case, users should immediately move their funds away from these wallets.
The following are likely affected:
– BitAddress pre-2013;
– bitcoinjs before 2014;
– current software that uses old repos they found on Github.
Recent JavaScript-generated addresses probably aren’t affected, researchers say. However, JavaScript is not the best way to generate keys, so it is best if users migrate their funds.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: