[Bitcoin-development] Advisory: PHP library Bitcoin SCI weak key generation

Andres Home a86551 at outlook.com
Sun Oct 27 22:25:41 UTC 2013


For those developers who are using the Bitcoin SCI library (maybe others too, I
found two total and could only make contact with one), I would advise that you
review how your software handles private key creation.

Up until today, the Bitcoin SCI library used the Mersenne Twister PRNG or the
GMP library's PRNG directly to generate private keys. This has been somewhat 
resolved in the most recent version (October 27th), but only for the 
createNewMiniKey() function. Even if you haven't been using this library, it 
would be a fine oportunity to check your key generation functions if you do not 
interface directly with bitcoind. 

Affected keys have 32bits of entropy, possibly up to 56bits depending on the 
build of PHP, a low enough amount that would allow GPU based attacks on keys
in the lower ranges.


I do not know how many keys have been created using either function
.
I also don't share the authors optimism that this isn't an issue. 		 	   		  



More information about the bitcoin-dev mailing list