undefined | Better HN

0 pointslgierth8y ago0 comments

> 1. There have no vulnerabilities in the past.

I don't know man, the MIT Digital Currency Initiative found a pretty bad one last August:

https://medium.com/@neha/cryptographic-vulnerabilities-in-io...

> the IOTA developers had written their own hash function, Curl, and it produced collisions (when different inputs hash to the same output). Once we developed our attack, we could find collisions using commodity hardware within just a few minutes, and forge signatures on IOTA payments. We informed the IOTA developers, they patched their system, and we wrote a vulnerability report

0 comments

6 comments · 3 top-level

vvangemert8y ago· 2 in thread

You should really read my first link and https://twitter.com/c___f___b/status/956445618381246464

The MIT-DCI are not credible..

lgierthOP8y ago

I value the MIT Media Lab and its DCI group pretty highly. There is nothing about the Media Lab or the DCI in that first link of yours. [1]

So what were you trying to say?

What I did find in that first link of yours [1] is this gem though:

> The IOTA hash function, Curl-P, was designed to allow for practical collisions. The IOTA protocol’s security depends solely upon the one-wayness of the function, not its collision resistance. The rationale behind the design of Curl-P is a much more complicated question which we explain in detail.

This statement is alarming on so many levels.

[1] https://blog.iota.org/official-iota-foundation-response-to-t...

// edit: oops, I see now that it's a multipart post, so I'll have a look there.

// edit: yeah okay, nothing of substance in the other parts either.

fabian2k8y ago

Part 4 explains the Curl-P part in more detail, and it doesn't inspire any confidence. They are claiming that they intentionally inserted a known bad hash function in the open source part of the code, so that anyone "fraudulent" clones would be useless. The closed source coordinator is claimed to avoid this problem by some way, so they claim that the IOTA network is not affected.

I'm having a very hard time believing that explanation, but even if I do, it's still something that shows bad judgement in my opinion.

berberous8y ago· 1 in thread

What’s even worse is that they claimed the flaws were deliberate, and a method of ‘copy protection’, where the flaws were somehow avoided in their full codebase but would cause any competitor that copied their open source code to suffer the flaws.

Smells like a BS excuse to me, and if true, perhaps an even bigger red flag as it strikes me as a very unethical move that is antithetical to open source ideology.

etunity8y ago

Just to be clear, for the vulnerabilities DCI found to be exploited, the victim has to practically give away their private key at which point the descibed attack is moot.

IOTAs developer CFB has used this kind of copy protection for hen he developed NXT and his entire history is littered with arguing for putting a copy protection in place. His argument for putting that in place is any legitimate developer would review the code for vulnerabilities and kinks b fore implementation and only those trying to plagiarize the work would literally copy paste the code. That seems a rational argument to me and I am not entirely sure if the copy protection in IOTA’s case is deliberate or not but they say it is and his historical work seems to be in line with that

lgierthOP8y ago

DCI's report: https://github.com/mit-dci/tangled-curl/blob/master/vuln-iot...

j / k navigate · click thread line to collapse

0 comments

6 comments · 3 top-level

vvangemert8y ago· 2 in thread

You should really read my first link and https://twitter.com/c___f___b/status/956445618381246464

The MIT-DCI are not credible..

lgierthOP8y ago

I value the MIT Media Lab and its DCI group pretty highly. There is nothing about the Media Lab or the DCI in that first link of yours. [1]

So what were you trying to say?

What I did find in that first link of yours [1] is this gem though:

This statement is alarming on so many levels.

[1] https://blog.iota.org/official-iota-foundation-response-to-t...

// edit: oops, I see now that it's a multipart post, so I'll have a look there.

// edit: yeah okay, nothing of substance in the other parts either.

fabian2k8y ago

I'm having a very hard time believing that explanation, but even if I do, it's still something that shows bad judgement in my opinion.

berberous8y ago· 1 in thread

Smells like a BS excuse to me, and if true, perhaps an even bigger red flag as it strikes me as a very unethical move that is antithetical to open source ideology.

etunity8y ago

Just to be clear, for the vulnerabilities DCI found to be exploited, the victim has to practically give away their private key at which point the descibed attack is moot.

lgierthOP8y ago

DCI's report: https://github.com/mit-dci/tangled-curl/blob/master/vuln-iot...

j / k navigate · click thread line to collapse