Cryptanalysis of Curl-P and Other Attacks on the IOTA Cryptocurrency | Zendy

Ethan Heilman | Zendy; Neha Narula | Zendy; Garrett Tanzer | Zendy; James Peter Thomas. Lovejoy | Zendy; Michael Colavita | Zendy; Madars Virza | Zendy; Tadge Dryja | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Cryptanalysis of Curl-P and Other Attacks on the IOTA Cryptocurrency

Author(s) -

Ethan Heilman,

Neha Narula,

Garrett Tanzer,

James Peter Thomas. Lovejoy,

Michael Colavita,

Madars Virza,

Tadge Dryja

Publication year - 2020

Publication title -

iacr transaction on symmetric cryptology

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.715

H-Index - 10

ISSN - 2519-173X

DOI - 10.46586/tosc.v2020.i3.367-391

Subject(s) - hash function , cryptanalysis , computer science , cryptography , computer security , cryptographic hash function , cryptocurrency , signature (topology) , curl (programming language) , theoretical computer science , mathematics , world wide web , geometry

We present attacks on the cryptography formerly used in the IOTA blockchain, including under certain conditions the ability to forge signatures. We developed practical attacks on IOTA’s cryptographic hash function Curl-P-27, allowing us to quickly generate short colliding messages. These collisions work even for messages of the same length. Exploiting these weaknesses in Curl-P-27, we broke the EUCMA security of the former IOTA Signature Scheme (ISS). Finally, we show that in a chosen-message setting we could forge signatures and multi-signatures of valid spending transactions (called bundles in IOTA).

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Empowering knowledge with every search

About

About Careers Publisher Partners Contact Us

Learn

FAQs Blog Terms of Use Privacy Policy

About

Learn

Discover

Explore