A new research paper by Joachim Breitner and Nadia Heninger about the repeated use of insufficiently random ‘nonces’ (‘k’ values) in ECDSA digital signatures has caught the attention of Ripple.
The San Francisco based blockchain startup talked about the research which highlights an attack that is more serious than previously known on digital signatures with imperfect nonces.
The Nonce Sense of Digital Signature
In the research titled, “Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies” the authors suggest that inconsistent or repeated signature nonces could create a security problem for the users.
Breitner and Heninger suggest that repeated nonce values can make the ECDSA keys insecure.
“In fact, any nonuniformity in the ECDSA signature nonces can reveal the private key, given sufficiently many signatures,” they noted.
What Did Ripple Say?
Ripple noted that the vulnerability is a result of a software defect “that signs transactions that are subsequently submitted to systems that use secp256k1 signatures — including Bitcoin, Ethereum, XRP Ledger and dozens of other distributed ledger technologies.”
However, Ripple said that the vulnerability is not present on the core software that runs these blockchains.
The company then went on to say that those using exclusively deterministic nonces will not be vulnerable to the attack mentioned in the paper.
It added that using deterministic nonces how they are described in RFC6979 has been the agreed industry recommendation for several years when generating signatures.
Ripple said that it is not an issue with the XRP ledger and that it’s an issue with ECDA signatures that are improperly made.
Ripple added that the systems using secp256k1 signatures and the ones that support reuse of private keys are affected and this includes Bitcoin, XRP Ledger, and many other blockchain systems.
Ripple recommended that users utilize Ed25519 keys or software using deterministic nonces in its signatures.
It went on to provide a flowchart and FAQ to help solve user queries.