blockchain – Page 2 – SSL and internet security news

Presidential Candidate Andrew Yang Has Quantum Encryption Policy

July 12, 2019 infossl

blockchain, cryptography, encryption, nationalsecuritypolicy, quantumcomputing, Security technology

At least one presidential candidate has a policy about quantum computing and encryption. It has two basic planks. One: fund quantum-resistant encryption standards. (Note: NIST is already doing this.) Two, fund quantum computing. (Unlike many far more pressing computer security problems, the market seems to be doing this on its own quite nicely.) Okay, so … Read More “Presidential Candidate Andrew Yang Has Quantum Encryption Policy” »

Stealing Ethereum by Guessing Weak Private Keys

April 29, 2019 infossl

academicpapers, blockchain, cryptocurrency, cryptography, encryption, hacking, keys, Security technology

Someone is stealing millions of dollars worth of Ethereum by guessing users’ private keys. Normally this should be impossible, but lots of keys seem to be very weak. Researchers are unsure how those weak keys are being generated and used. Their paper is here. Powered by WPeMatico

Blockchain and Trust

February 12, 2019 infossl

academicpapers, bitcoin, blockchain, cryptocurrency, cryptography, essays, Security technology, trust

In his 2008 white paper that first proposed bitcoin, the anonymous Satoshi Nakamoto concluded with: “We have proposed a system for electronic transactions without relying on trust.” He was referring to blockchain, the system behind bitcoin cryptocurrency. The circumvention of trust is a great promise, but it’s just not true. Yes, bitcoin eliminates certain trusted … Read More “Blockchain and Trust” »

Major Zcash Vulnerability Fixed

February 5, 2019 infossl

blockchain, cryptocurrency, patching, Security technology, vulnerabilities

Zcash just fixed a vulnerability that would have allowed “infinite counterfeit” Zcash. Like all the other blockchain vulnerabilities and updates, this demonstrates the ridiculousness of the notion that code can replace people, that trust can be encompassed in the protocols, or that human governance is not ncessary. Powered by WPeMatico

Friday Squid Blogging: Squid Falsely Labeled as Octopus

October 26, 2018 infossl

blockchain, Security technology, squid, supplychain

Two New Yorkers have been charged with importing squid from Peru and then reselling it as octopus. Yet another problem that a blockchain-enabled supply-chain system won’t solve. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. … Read More “Friday Squid Blogging: Squid Falsely Labeled as Octopus” »

West Virginia Using Internet Voting

October 19, 2018 infossl

blockchain, phones, Security technology, securitypolicies, voting

This is crazy (and dangerous). West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain — presumably because they have no idea what the security issues with voting actually are. Powered by WPeMatico

Breaking the Anonymity in the Cryptocurrency Monero

March 28, 2018 infossl

academicpapers, anonymity, blockchain, cryptocurrency, Security technology, tracing

Researchers have exploited a flaw in the cryptocurrency Monero to break the anonymity of transactions. Research paper. BoingBoing post. Powered by WPeMatico

Tracing Stolen Bitcoin

March 28, 2018 infossl

academicpapers, bitcoin, blockchain, Security technology, theft, tracing, tracking

Ross Anderson has a really interesting paper on tracing stolen bitcoin. From a blog post: Previous attempts to track tainted coins had used either the “poison” or the “haircut” method. Suppose I open a new address and pay into it three stolen bitcoin followed by seven freshly-mined ones. Then under poison, the output is ten … Read More “Tracing Stolen Bitcoin” »

Security Vulnerabilities in Smart Contracts

March 6, 2018 infossl

academicpapers, blockchain, Security technology, vulnerabilities

Interesting research: “Finding The Greedy, Prodigal, and Suicidal Contracts at Scale“: Abstract: Smart contracts — stateful executable objects hosted on blockchains like Ethereum — carry billions of dollars worth of coins and cannot be updated once deployed. We present a new systematic characterization of a class of trace vulnerabilities, which result from analyzing multiple invocations … Read More “Security Vulnerabilities in Smart Contracts” »