
EC::DSA uses Perl's 'rand' to generate Bitcoin keys

Open jes opened this issue 9 years ago • 2 comments

Perl's rand is not even remotely cryptographically secure.

This should probably use, at minimum, Bitcoin::Util::randInt. And it would probably be better for Bitcoin::Util::randInt to use Bytes::Random::Secure or similar instead of its custom thing.

jes · Aug 28 '16 12:08

In particular, from a quick glance through the Perl source, rand is seeded with only 4 bytes, which means libbitcoin-perl will, on first invocation, generate one of only 4 billion different keys.

jes · Aug 28 '16 12:08

I wrote a program that simply generates and prints a private key. I ran it 1.3 million times, and of the 1.3 million keys, 219 appeared twice. This is not safe.

jes · Aug 29 '16 08:08
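The following script is an added example and is not code from libbitcoin-perl or from the issue author. It puts the two approaches discussed in this thread side by side: a key generator built on Perl's `rand()` and one built on `Bytes::Random::Secure` (the replacement suggested above), then reproduces the duplicate-key measurement in-process by re-seeding before every draw, which mimics one fresh process per key. The secp256k1 group order `n` and the function names (`weak_key_hex`, `secure_key_hex`, `count_duplicates`) are the example's own; the `Math::BigInt` and `Bytes::Random::Secure` modules are real CPAN modules.

```perl
#!/usr/bin/env perl
# Added example (not libbitcoin-perl code): weak rand()-based key generation
# beside a CSPRNG-based generator, plus a duplicate-key counter.
use strict;
use warnings;
use Bytes::Random::Secure qw(random_bytes);
use Math::BigInt;

# secp256k1 group order n: a valid private key is an integer in [1, n-1].
my $N = Math::BigInt->from_hex(
    'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');

# Weak generator: 32 bytes assembled from rand(). Every output is a pure
# function of the PRNG seed, so the reachable key set is bounded by the seed
# space (4 bytes per this issue), not by 2^256. Range check deliberately
# omitted to keep the weak path minimal.
sub weak_key_hex {
    return join '', map { sprintf '%02x', int(rand(256)) } 1 .. 32;
}

# Hardened generator: 32 bytes from a CSPRNG, redrawn if the value falls
# outside [1, n-1]. Rejection sampling keeps the distribution uniform
# (taking the value mod n would bias it slightly).
sub secure_key_hex {
    while (1) {
        my $hex = unpack 'H64', random_bytes(32);
        my $k   = Math::BigInt->from_hex($hex);
        return $hex if !$k->is_zero && $k->bcmp($N) < 0;
    }
}

# Draw $draws keys from generator $gen and return how many distinct key
# values appeared more than once.
sub count_duplicates {
    my ($gen, $draws) = @_;
    my %seen;
    my $dups = 0;
    for (1 .. $draws) {
        my $key = $gen->();
        $dups++ if $seen{$key}++ == 1;    # counted once per repeated key
    }
    return $dups;
}

unless (caller) {
    my $draws = $ARGV[0] // 100_000;
    # srand() with no argument picks a fresh seed each time, so re-seeding
    # before every draw stands in for "run the program once per key".
    my $weak = count_duplicates(sub { srand(); weak_key_hex() }, $draws);
    my $good = count_duplicates(\&secure_key_hex, $draws);
    printf "%d draws: %d duplicate keys with rand(), %d with Bytes::Random::Secure\n",
        $draws, $weak, $good;
}
```

Usage: `perl keygen_compare.pl 1300000` (the file name is arbitrary). With a 32-bit seed space the birthday bound predicts roughly `draws^2 / 2^33` repeated keys, about 200 for 1.3 million independent seedings, which is in line with the 219 reported above; the CSPRNG path should report 0 at any practical draw count. A `%seen` hash of 1.3 million 64-character keys needs a few hundred MB of memory, so start with the 100,000 default if that is a concern.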