Recent user complaints have pointed out that Monero’s seed “encryption” is vulnerable to a known-plaintext attack. The issue was reported by a Reddit user, ‘fierce_uk’.
The bug was not apparent at first because it is buried deep in the code, at around the 1,100th line.
Why is this bug a problem?
The seed is “encrypted” by adding a number derived from the password to the plaintext secret key. If the plaintext of any one seed is ever revealed, that additive offset can be recovered by simple subtraction, and it then unlocks every other seed that was encrypted with the same password. In cryptographic terms this is a known-plaintext attack that ends in key recovery.
“A key recovery encryption system (or recoverable encryption system) is an encryption system with a backup decryption capability that allows authorized persons (users, officers of an organization, and government officials), under certain prescribed conditions, to obtain the keys needed to decrypt ciphertext.” That definition describes key escrow, a deliberate backup capability for authorized parties; the Monero issue is the opposite situation, an unauthorized party recovering key material from a disclosed plaintext.
The issue arises from the fact that the 25-word seed format, into which the encryption was shoehorned, has no room for an initialization vector (IV). An encrypted seed would have to be six words longer.
That would leave room for a 64-bit IV, with the seed then protected by a proper encryption algorithm. Alternatively, the seed words can simply be encrypted with GNU Privacy Guard (GPG), which lets a user encrypt and sign data and communications and also serves as a key management system.
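The attack described above, and the reason an IV defeats it, as an added example that is not Monero’s code and not code from the Reddit thread. It keeps what is known from the page: the “encryption” is an addition to the secret key, and Monero secret keys are scalars modulo the ed25519 group order L. The key-derivation hash (SHA-512 reduced mod L) is a stand-in assumption, as is the way the IV is folded into it; the algebra of the attack depends only on the offset being a fixed function of the password. All sample keys and passphrases are constructed here.

```python
import hashlib
import secrets

# Order of the ed25519 base point. Monero secret keys are scalars mod L,
# so "encrypting" a seed by adding a password-derived scalar is addition mod L.
L = 2**252 + 27742317777372353535851937790883648493


def passphrase_offset(passphrase: bytes, iv: bytes = b"") -> int:
    """Derive the additive offset from the passphrase (and optional IV).

    Assumption: SHA-512 reduced mod L stands in for the real hash. What
    matters for the attack is only that, with no IV, the offset is the
    same for every seed encrypted under the same passphrase.
    """
    return int.from_bytes(hashlib.sha512(iv + passphrase).digest(), "little") % L


def encrypt_seed(spend_key: int, passphrase: bytes, iv: bytes = b"") -> int:
    """Weak scheme: ciphertext = plaintext + offset (mod L)."""
    return (spend_key + passphrase_offset(passphrase, iv)) % L


def decrypt_seed(encrypted: int, passphrase: bytes, iv: bytes = b"") -> int:
    """Legitimate decryption: subtract the same offset."""
    return (encrypted - passphrase_offset(passphrase, iv)) % L


def recover_offset(encrypted: int, known_plaintext: int) -> int:
    """Known-plaintext step: one (ciphertext, plaintext) pair leaks the offset,
    with no need to know or guess the passphrase."""
    return (encrypted - known_plaintext) % L


def attack_sibling_seed(enc_known: int, plain_known: int, enc_target: int) -> int:
    """Apply the leaked offset to a second ciphertext made with the same passphrase."""
    return (enc_target - recover_offset(enc_known, plain_known)) % L


def demo() -> tuple[bool, bool]:
    """Returns (attack works without IV, attack works with per-seed IV)."""
    # Constructed sample data: two wallets whose owner reused one passphrase.
    passphrase = b"correct horse battery staple"
    spend_key_a = secrets.randbelow(L)
    spend_key_b = secrets.randbelow(L)

    enc_a = encrypt_seed(spend_key_a, passphrase)
    enc_b = encrypt_seed(spend_key_b, passphrase)

    # Attacker holds both encrypted seeds and learns wallet A's plaintext
    # spend key (the scenario the Reddit thread warns about). That single
    # disclosure hands over wallet B as well.
    recovered_b = attack_sibling_seed(enc_a, spend_key_a, enc_b)
    attack_without_iv = recovered_b == spend_key_b

    # Illustrative fix: a random 64-bit IV stored with each seed and mixed
    # into the key derivation. The offset leaked from A no longer matches B.
    iv_a, iv_b = secrets.token_bytes(8), secrets.token_bytes(8)
    enc_a_iv = encrypt_seed(spend_key_a, passphrase, iv_a)
    enc_b_iv = encrypt_seed(spend_key_b, passphrase, iv_b)
    guess_b = attack_sibling_seed(enc_a_iv, spend_key_a, enc_b_iv)
    attack_with_iv = guess_b == spend_key_b

    return attack_without_iv, attack_with_iv


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The IV variant is only a minimal illustration of why the six extra words matter: once the offset differs per seed, a disclosed plaintext stops being a master key for every other seed sharing the passphrase. It does not reproduce whatever scheme Monero may eventually adopt.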
Garlicgambit, a Reddit user, wanted to know:
“Does this negatively impact the plausibly deniable seed storage method we posted about a couple of days ago? Will it need modifications or additional warnings? Or should it be taken down altogether?”
‘fierce_uk’, the Reddit user who discovered the vulnerability, replied:
“My recommendation would be
- a) Never reuse a password between two seeds.
- b) Never disclose the spendkey to the wallet, even if you are done with it.
I opted to remove it, since using the word “encryption” in this context might mislead some users into thinking that the seed is actually as safe as it would be in an AES-encrypted message.”
Monero has not yet responded to the flaw in the seed code, but users are expecting an update soon.