Paper 2023/1234
Practical Key-Extraction Attacks in Leading MPC Wallets
Abstract
Multi-Party Computation (MPC) has become a major tool for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC protocols are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintech companies servicing thousands of financial institutions and hundreds of millions of end-user consumers. We present four novel key-extraction attacks on popular MPC signing protocols showing how a single corrupted party may extract the secret in full during the MPC signing process. Our attacks are highly practical (the practicality of the attack depends on the number of signature-generation ceremonies the attacker participates in before extracting the key). Namely, we show key-extraction attacks against different threshold-ECDSA protocols/implementations requiring $10^6$, $256$, $16$, and *one signature*, respectively. In addition, we provide proof-of-concept code that implements our attacks.
Note: New sections on Detection & Mitigation and Responsible Disclosure + Minor edits
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- ECDSAMPCThreshold CryptographyDigital SignaturesAttacksKey-Extraction
- Contact author(s)
- n makriyannis @ gmail com
- History
- 2024-01-29: revised
- 2023-08-15: received
- See all versions
- Short URL
- https://ia.cr/2023/1234
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1234,
author = {Nikolaos Makriyannis and Oren Yomtov and Arik Galansky},
title = {Practical Key-Extraction Attacks in Leading MPC Wallets},
howpublished = {Cryptology ePrint Archive, Paper 2023/1234},
year = {2023},
note = {\url{https://eprint.iacr.org/2023/1234}},
url = {https://eprint.iacr.org/2023/1234}
}
