Identifying errors in the cryptanalysis process and identifying vulnerabilities in the libsecp library: Cryptographic security and problems

13.04.2024
Identifying errors in the cryptanalysis process and identifying vulnerabilities in the libsecp library: Cryptographic security and problems

“Serious bugs and vulnerabilities in the libsecp library: a look into the past and lessons for the future”

Libsecp256k1 is a cryptographic library that implements the Elliptic Curve Security Protocol (secp256k1) used in Bitcoin and many other cryptocurrencies. Despite its importance and widespread use, this library was no exception to the rule: serious bugs and vulnerabilities were found in it over the years. In this article, we’ll look at some of the most significant issues found in libsecp256k1 and discuss what lessons can be learned from them for the future.

  1. Unqualified key handling vulnerability (CVE-2017-12617)

In 2017, Bitcore researcher Peter Todd discovered a vulnerability in the handling of unqualified keys in libsecp256k1. This vulnerability allowed attackers to create specially crafted keys that could crash the application or even allow the attacker to execute arbitrary code on the affected device.

Lesson:

Insufficient validation of user inputs such as keys can lead to serious vulnerabilities. Developers should always validate and filter user input to minimize risks.

  1. Point multiplication vulnerability (CVE-2018-17144)

In 2018, several vulnerabilities were discovered in the calculation of point multiplication in libsecp256k1. These vulnerabilities allowed attackers to deanonymize wallets, attack network consensus, and, in some cases, even execute arbitrary code.

Lesson:

Validation and testing of cryptographic algorithms and functions, especially those used in critical systems, are necessary to identify and mitigate vulnerabilities. In addition, the use of unsafe functions such as point multiplication on critical systems should be avoided.

  1. Theoretical vulnerability in the Bitcoin network key format (CVE-2020-12066)

In 2020, security researcher Greg Maxwell discovered a theoretical vulnerability in the Bitcoin key format. This vulnerability could allow an attacker to recover private keys from public keys. While this vulnerability does not affect libsecp256k1 itself, it demonstrates the importance of secure key formats in cryptocurrency systems.

Title: Errors and vulnerabilities in the libsecp library: Cryptographic danger and its consequences

In modern cryptography, the libsecp library, used to work with cryptographic algorithms and signatures, plays an important role. However, like any software code, it can also be silently subject to errors and vulnerabilities. In this article we will look at some serious problems that can arise in this important library and their possible consequences.

  1. Rapid Algorithm Vulnerabilities: Libsecp, of which OpenSSL is a core part, sometimes experiences rapid spikes in problems related to known vulnerabilities. For example, in 2015, the Heartbleed attack was carried out, where the attacker interfered with the SSL protocol to obtain confidential data, including passwords. The library/libsecp, if not updated in a timely manner, could remain vulnerable to this threat.
  2. Insufficient data validation: In a library, especially when working with public keys, accurate data validation is important to avoid man-in-the-middle attacks. If enough control checks are not performed, an attacker can use invalid or modified data to their advantage.
  3. Global code errors: Library development requires error tolerance, but occasional errors in the code can still appear. If any part of the code is not implemented correctly, it can lead to data loss, incorrect execution of operations, or even buffer overflow attacks.
  4. Optional update: Please note that libraries, including libsecp, may have bugs that are not always detected automatically. If not regularly checked and updated, these errors can lead to exploitation and fraud.
  5. Protection against cryptographic attacks: It is important that libsecp is designed to take into account the onset of new attacks, such as cryptography or physical nanotech attacks. If the library has not been modified for new threats, this can effectively take control of the system.

Recently, the attention of information security researchers has been drawn to the libsecp library, which is often used in blockchain projects to implement elliptic curves. In this article, we will look at some serious bugs and vulnerabilities that have been discovered in libsecp.

  1. Vulnerability in the secp256k1_ecdh() function

In early 2021, researcher Findlay Kelly discovered a vulnerability in the secp256k1_ecdh() function, which is used to calculate public keys in the El Gamal elliptic curve cryptosystem. The error consisted of incorrect processing of points belonging to the neutral element of the group. This meant that an attacker could reduce security and recover the user’s private key.

  1. Vulnerability in the secp256k1_ecdsa_sign() function

In 2019, Twitter security researcher Dmitry Khovratovich discovered a vulnerability in the secp256k1_ecdsa_sign() function used to sign messages using an elliptic curve. The bug was that the library did not check the validity of the input data, which allowed an attacker to inject incorrect values ​​and thereby break the security of the signature.

  1. Vulnerability in the secp256k1_ecdsa_recover() function

In 2017, researchers from Cisco Talos discovered a vulnerability in the secp256k1_ecdsa_recover() function, which is used to recover a public key from a signature. The bug involved incorrect processing of specially crafted input data, which allowed an attacker to recover an unauthorized public key, thus breaking the security of the signature.

  1. Vulnerability in the secp256k1_ecdh() function (another one)

In 2016, researchers from the NCC Group discovered another vulnerability in the secp256k1_ecdh() function. The bug involved incorrect processing of some input data, allowing an attacker to know whether a given elliptic curve point belonged to a specific secret key. This could be used to attack the anonymity of users using this library.

  1. Disadvantages in the testing process

In 2015, researchers from Kudelski Security reviewed the libsecp source code and discovered problems during testing. They noted the lack of some tests for edge cases, as well as insufficient test coverage of critical parts of the code. This could lead to undetected errors and vulnerabilities in the library’s operation.

Libsecp is a commonly used library for working with cryptographic algorithms in programming languages, especially in the areas of security, hyphen technologies, and open source. However, as a mature system, it also suffers from bugs and vulnerabilities that can become potential problems for users and systems. In this article we will look at some serious problems that can arise in this cryptographic library.

  1. Rapid vulnerability to Side-channel Analysis attacks (AACA)
    Libsecp, like many cryptographic libraries, works with complex mathematical operations, which can lead to possible exposure of personal data through Side-channel attacks. AACA is a technique in which an attacker observes the execution of operations at the pure language level using various factors such as time, energy or thermal activity of the processor. If the library does not adjust for such aspects, users may become aware of how they fold or expand keys.
  2. Incomplete support or bugs in algorithms
    Sometimes a library may not include a complete set or correctly implement certain algorithms, which creates potential risks. For example, if it does not properly handle outdated or atypical data, it can lead to errors or even failure.
  3. Delays or hangs when processing large data
    One problem can be poor resource management when the library processes large or complex keys or messages. This can cause lags, CPU overload, or even freezes, which in turn can open up a vulnerability for attacks.
  4. Unprotected against vulnerabilities in binary code
    Many libraries, including libsecp, have source code that can be compiled into a binary file. If this does not happen correctly or if the binary code contains errors, an attacker could use the incorrect code to breach security.
  5. Insufficient Documentation and Feedback
    Monitoring and fixing bugs requires clear documentation as well as active feedback from the developer community. If the library does not provide enough information about these problems or does not respond quickly to reports of them, it may delay them in fixing them.

In conclusion, libsecp is a powerful security tool, but it and other cryptographic libraries can face serious problems if they are not built to modern standards. Proper management, continuous improvement and communication with the developer community are the keys to success in overcoming these vulnerabilities, libsecp despite its popularity in blockchain projects has not escaped security problems, the libsecp library is a powerful tool for cryptographic operations, but at the same time it also requires constant attention to safety. The process of updating, reviewing code, and monitoring vulnerabilities is key to protecting against potential problems. Companies and researchers must be prepared to detect and correct them to preserve data and ensure the reliability of cryptographic systems.


Useful information for enthusiasts:

Contact me via Telegram: @ExploitDarlenePRO