説明
<jats:p>We present attacks on the cryptography formerly used in the IOTA blockchain, including under certain conditions the ability to forge signatures. We developed practical attacks on IOTA’s cryptographic hash function Curl-P-27, allowing us to quickly generate short colliding messages. These collisions work even for messages of the same length. Exploiting these weaknesses in Curl-P-27, we broke the EUCMA security of the former IOTA Signature Scheme (ISS). Finally, we show that in a chosen-message setting we could forge signatures and multi-signatures of valid spending transactions (called bundles in IOTA).</jats:p>
収録刊行物
-
- IACR Transactions on Symmetric Cryptology
-
IACR Transactions on Symmetric Cryptology 367-391, 2020-09-28
Universitatsbibliothek der Ruhr-Universitat Bochum
