Re: [Bitcoin-development] Advisory: PHP library Bitcoin SCI weak key generation
That's correct. There's no source control so I've mirrored the weak functions.

The MiniKey function: http://pastie.org/8435726
The PrivKey function: http://pastie.org/8435731

> Date: Mon, 28 Oct 2013 08:46:34 +1000
> Subject: Re: [Bitcoin-development] Advisory: PHP library Bitcoin SCI weak key generation
> From: gavinandre...@gmail.com
> To: a86...@outlook.com
> CC: bitcoin-development@lists.sourceforge.net
>
> Thanks for the warning; to be clear, "the Bitcoin SCI library" is this project?
> http://bitfreak.info/index.php?page=tools&t=bitsci
>
> On Mon, Oct 28, 2013 at 8:25 AM, Andres Home <mailto:a86...@outlook.com> wrote:
> For those developers who are using the Bitcoin SCI library (maybe others too, I
> found two total and could only make contact with one), I would advise that you
> review how your software handles private key creation.
>
> --
> --
> Gavin Andresen

___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
[Bitcoin-development] Advisory: PHP library Bitcoin SCI weak key generation
For those developers who are using the Bitcoin SCI library (maybe others too, I found two total and could only make contact with one), I would advise that you review how your software handles private key creation.

Up until today, the Bitcoin SCI library used the Mersenne Twister PRNG or the GMP library's PRNG directly to generate private keys. This has been somewhat resolved in the most recent version (October 27th), but only for the createNewMiniKey() function.

Even if you haven't been using this library, it would be a fine opportunity to check your key generation functions if you do not interface directly with bitcoind.

Affected keys have 32 bits of entropy, possibly up to 56 bits depending on the build of PHP, a low enough amount that would allow GPU-based attacks on keys in the lower ranges. I do not know how many keys have been created using either function. I also don't share the author's optimism that this isn't an issue.
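The difference the advisory describes, as an added example that is not part of the original post and is not Bitcoin SCI's code (function names are hypothetical, the seed value is constructed, PHP 7 or later is assumed): a key expanded from a seeded Mersenne Twister is fully determined by its seed, while the hardened form draws 32 bytes from the operating system CSPRNG and checks them against the secp256k1 key range.

```php
<?php
// Added illustration, not code from Bitcoin SCI. Function names are hypothetical.

// Order n of the secp256k1 group; a valid private key k satisfies 1 <= k < n.
const SECP256K1_N = 'fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141';

// WEAK pattern: every one of the 256 key bits is expanded from the Mersenne
// Twister state, which is set entirely by the seed. The key space is therefore
// no larger than the seed space, however long the resulting key looks.
function weakPrivKeyFromSeed(int $seed): string
{
    mt_srand($seed);
    $hex = '';
    for ($i = 0; $i < 32; $i++) {
        $hex .= sprintf('%02x', mt_rand(0, 255));
    }
    return $hex;
}

// HARDENED pattern: 32 bytes from the OS CSPRNG, redrawn if outside [1, n-1].
function strongPrivKey(): string
{
    do {
        $hex = bin2hex(random_bytes(32));
        // Equal-length lowercase hex strings sort in the same order as the
        // integers they encode, so strcmp() is a valid range comparison here.
    } while ($hex === str_repeat('0', 64) || strcmp($hex, SECP256K1_N) >= 0);
    return $hex;
}

// Same seed in, same "random" key out: the seed is the only secret.
$seed = 1382913994; // constructed sample value
$first = weakPrivKeyFromSeed($seed);
$second = weakPrivKeyFromSeed($seed);
echo "weak key 1: $first\n";
echo "weak key 2: $second\n";
echo 'weak keys identical: ' . var_export($first === $second, true) . "\n";

// CSPRNG keys are not reproducible from any small input.
echo 'strong key: ' . strongPrivKey() . "\n";
echo 'strong key: ' . strongPrivKey() . "\n";
```

When reviewing key generation code, look for `mt_rand()`, `rand()` or a seeded GMP generator on the path to a private key, and replace it with `random_bytes()` or key generation delegated to bitcoind.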