17 Aug. 2023
Efiko CTO Ian Smith comments on a recent article from Mysten Labs
A recent article from Mysten Labs delves into the vulnerabilities associated with 160-bit ObjectIDs, particularly in the context of Ethereum addresses. The authors highlight the potential for ambush attacks, which exploit the predictability of these ObjectIDs. They emphasize the need for caution when using 160-bit ObjectIDs, especially in blockchain systems, due to the risks they pose.
In response to the article on ambush attacks on 160-bit ObjectIDs, we would like to add several insights that give a deeper understanding of the vulnerabilities of 160-bit ObjectIDs.
1. Hash collisions and Birthday attacks: Efiko CTO Ian Smith's research from 2018 aligns with the findings presented in the article, especially concerning hash collisions and the birthday attack. He points out that as the number of group members for the birthday set increases, the security diminishes. As Ethereum expands its address base, the costs associated with these attacks decrease from the 2^80 threshold.
2. Ethereum's Address Ambiguity: Ethereum does not differentiate between contract and wallet addresses. This means a contract can be published with a hash that matches an existing wallet address.
3. Smart Contract Detection: While there are ways to identify smart contracts, these methods operate at the function level, not the address level. The problem of hash collisions is exacerbated by the fact that they only become weaker over time, even without specialized hardware.
4. Advanced Cryptographic Analysis: Techniques against hashes can effectively crack weak encryption systems, such as those used for WiFi and Windows passwords.
5. Rainbow Tables: These are a balance between computational time and storage space. By storing partial answers to calculations, they can be reused for multiple attacks. The uniqueness of a network's name, rather than the length of its password, determines the security of a WiFi network.
6. Bitcoin and Ethereum Address Calculation: The article's mention of the speed of BLAKE2/BLAKE3 can be countered by the observation that Ethereum uses an off-standard version of SHA-3 called Keccak-256 and truncates the answer to 160 bits. Bitcoin, on the other hand, employs algorithm-based shortening. Neither method is particularly fast, which enhances their security. The use of the key, which involves two points on an elliptic curve with a prime base and a random exponent (private key), further bolsters this security.
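To make points 1 and 6 concrete, the following is an added example (not code from Efiko or Mysten Labs) that measures, on a toy 16-bit identifier, how the work to find a matching truncated hash falls as the set of identifiers that count as a match grows. It assumes `hashlib.sha3_256` as a stand-in for Keccak-256, and all function names and input strings are constructed for illustration.

```python
import hashlib
import math

def truncated_id(data: bytes, bits: int) -> int:
    """Keep the low `bits` bits of the digest, mirroring a 256-bit hash cut to 160 bits."""
    # Assumption: hashlib.sha3_256 (NIST SHA-3) stands in for Ethereum's Keccak-256,
    # which uses different padding and is not in the Python standard library.
    digest = hashlib.sha3_256(data).digest()
    return int.from_bytes(digest, "big") & ((1 << bits) - 1)

def birthday_trials(bits: int, run: int) -> int:
    """Count identifiers generated until any two of them collide."""
    seen = set()
    i = 0
    while True:
        ident = truncated_id(f"birthday/{run}/{i}".encode(), bits)
        i += 1
        if ident in seen:
            return i
        seen.add(ident)

def target_hit_trials(bits: int, existing: int, run: int) -> int:
    """Count identifiers generated until one matches any of `existing` registered ones."""
    targets = {truncated_id(f"existing/{run}/{j}".encode(), bits) for j in range(existing)}
    i = 0
    while True:
        i += 1
        if truncated_id(f"probe/{run}/{i}".encode(), bits) in targets:
            return i

def mean(values):
    values = list(values)
    return sum(values) / len(values)

def expected_birthday(bits: int) -> float:
    return math.sqrt(math.pi / 2 * 2 ** bits)   # about 1.25 * 2^(bits/2)

def expected_target_hit(bits: int, existing: int) -> float:
    return 2 ** bits / existing                 # shrinks as the registered set grows

if __name__ == "__main__":
    bits, runs = 16, 200   # constructed toy size; 160 bits is far beyond this loop
    print("birthday: measured", mean(birthday_trials(bits, r) for r in range(runs)),
          "expected", expected_birthday(bits))
    for k in (16, 64, 256):
        print(f"{k:>4} existing IDs: measured",
              mean(target_hit_trials(bits, k, r) for r in range(runs)),
              "expected", expected_target_hit(bits, k))
```

The same two formulas, evaluated at 160 bits, give the figures a designer compares when choosing an identifier length.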