Видео [BlackHat USA 2023] Small Leaks, Billions Of Dollars - Cryptographic Exploits That Undermine Leading Crypto Wallets

[weaver]

Description

Multi-Party Computation (MPC) has become a common cryptographic technique for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC algorithms are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintechs/banks servicing hundreds of millions of consumers and thousands of financial institutions.

This presentation examines the most common MPC protocols and implementations and shows that securing MPC remains a challenge for most companies.

We show practical key-exfiltration attacks requiring no more than a couple of hundred signatures. Namely, we show three different attacks on different protocols/implementations requiring 256, 16, and *one* signature, respectively.

video
youtube.com/watch?v=y9zA5O52u8w

slides
i.blackhat.com/BH-US-23/Presentations/US-23-Makriyannis-Small-Leaks-Billions-Of-Dollars.pdf