[onerng talk] Bitcoin problems with wear RNGs

ianG iang at iang.org
Mon Jan 5 11:26:32 GMT 2015


On 5/01/2015 09:01 am, Jim Cheetham wrote:
> I haven't spent much time looking at the altcoins, but it seems like
> there's sufficient incentive in there to attack the RNGs ...
>
> https://www.cryptocoinsnews.com/bitcoin-exchange-bitstamp-withdrawals-deposits-stopped-possible-rng-attack/


Yes, bitcoin and variants are one of the rare areas where more than
normal attention should be paid to RNs.  Digital cash that is not 
"reversible" has a very high risk profile.  Suppliers should go the 
extra mile.

As a side comment:  Over on CAcert I keep a history of PKI-style attacks
[0].  It would be quite interesting to develop a history of RN attacks.

You could see it as a marketing exercise for RNGs like OneRNG :)  In 
more formal practice it is a "history" in risk analysis that helps us to 
estimate the likelihood and damage of a particular risk.  E.g., if we 
have no history of RNGs failing, we shouldn't mitigate the risk, coz it 
doesn't happen.

If someone wants to work on that, I'll happily help!


iang


[0] https://wiki.cacert.org/Risk/History

