Paper 2019/344

Cryptanalysis of Curl-P and Other Attacks on the IOTA Cryptocurrency

Ethan Heilman, Neha Narula, Garrett Tanzer, James Lovejoy, Michael Colavita, Madars Virza, and Tadge Dryja

Abstract

We present attacks on the cryptography formerly used in the IOTA blockchain, including, under certain conditions, the ability to forge signatures. We developed practical attacks on IOTA's cryptographic hash function Curl-P-27, allowing us to quickly generate short colliding messages. These collisions work even for messages of the same length. Exploiting these weaknesses in Curl-P-27, we broke the EU-CMA security of the former IOTA Signature Scheme (ISS). Finally, we show that in a chosen-message setting we could forge signatures and multi-signatures of valid spending transactions (called bundles in IOTA).

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2020
Keywords
cryptocurrencies, digital signatures, hash functions, cryptanalysis
Contact author(s)
ethan r heilman @ gmail com
History
2020-02-27: revised
2019-04-03: received
Short URL
https://ia.cr/2019/344
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/344,
      author = {Ethan Heilman and Neha Narula and Garrett Tanzer and James Lovejoy and Michael Colavita and Madars Virza and Tadge Dryja},
      title = {Cryptanalysis of Curl-P and Other Attacks on the {IOTA} Cryptocurrency},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/344},
      year = {2019},
      url = {https://eprint.iacr.org/2019/344}
}