»Ethercombing - Blockchain brute force cryptanalysis«
2019-11-09, 18:20–18:30, Blue Day

By performing brute force crypt-analysis on public keys to discover private keys we stumbled on someone doing the same thing, holding over 8 million USD worth of stolen cryptocurrency.

This session will at a high level, with details sprinkled in where appropriate, cover how to generate wallets (both Bitcoin and Ethereum) and how to interact with a blockchain using private/public key pairs.

We will explain how that concept transfers over to brute force cryptanalysis of blockchains, namely Ethereum, and how it kicked off a digital beach-combing exercise of the Ethereum blockchain -- named project Ethercomb. After we discuss how wallets and private/public keys are created we will talk about coding errors that make faulty or weak private keys (key truncation/bad entropy/nullkeys/faulty memory management) and their associated wallet addresses.

We will point out areas in the 256bit Ethereum and Bitcoin private key space that are likely candidates to contain keys generated through faulty methods. Then we will talk about the ethics and legality of enumerating these locations to discover assets on the blockchain. Under counsel of the EFF we decided to go ahead and scan 32 billion likely locations where transactions happened using private keys that we have full knowledge about.

The presentation will briefly go over the architecture of how to efficiently scan 32 billion keys and how we had to use a cloud clustering solution as doing it locally on workstations would take thousands of hours. Then we will present our surprising findings on how tens of thousands of transactions could have been intercepted and the associated digital money be taken along with showing how much money is stored on the blockchain using private keys we have knowledge about. We will also show how hundreds of millions of dollars were permanently lost due to faulty coding sending transactions to 'black hole' wallets.

The presentation will then cover common coding errors that led to the above events and finish off with a summary/brief recap.