Private Key Recovery on Bitcoin with Duplicated Signatures

• Ju-Seong Ko,
• Jin Kwak,

Vol. 14, No. 3, March 31, 2020
10.3837/tiis.2020.03.020, Download Paper (Free):

• Blockchain
• Bitcoin
• ECDSA
• Private Key Recovery
• Duplicated Signatures

Abstract

In the modern financial sector, interest in providing financial services that employ blockchain technology has increased. Blockchain technology is efficient and can operate without a trusted party to store all transaction information; additionally, it provides transparency and prevents the tampering of transaction information. However, new security threats can occur because blockchain technology shares all the transaction information. Furthermore, studies have reported that the private keys of users who use the same signature value two or more times can be recovered. Because private keys of blockchain identify users, private key leaks can result in attackers stealing the ownership rights to users’ property. Therefore, as more financial services use blockchain technology, actions to counteract the threat of private key recovery must be continually investigated. Private key recovery studies are presented here. Based on these studies, duplicated signatures generated by blockchain users are defined. Additionally, scenarios that generate and use duplicated signatures are applied in an actual bitcoin environment to demonstrate that actual bitcoin users’ private keys can be recovered.

Statistics

Cite this article