A Small Subgroup Attack on Bitcoin Address Generation

Massimiliano Sala, Domenica Sogiorno and Daniele Taufer
Additional contact information
Massimiliano Sala: Department of Mathematics, University of Trento, Via Sommarive 14, 38123 Povo (TN), Italy
Domenica Sogiorno: Department of Mathematics, University of Bari, 70121 Bari, Italy
Daniele Taufer: CISPA Helmholtz Center for Information Security, 66123 Saarbrücken, Germany

Mathematics, 2020, vol. 8, issue 10, 1-8

Abstract: We show how a small subgroup confinement-like attack may be mounted on the Bitcoin addresses generation protocol, by inspecting a special subgroup of the group associated to point multiplication. This approach does not undermine the system security but highlights the importance of using fair random sources during the private key selection.

Keywords: bitcoin; cryptography; digital signature (DS); blockchain; finite fields (search for similar items in EconPapers)
JEL-codes: C (search for similar items in EconPapers)
Date: 2020
References: View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
https://www.mdpi.com/2227-7390/8/10/1645/pdf (application/pdf)
https://www.mdpi.com/2227-7390/8/10/1645/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jmathe:v:8:y:2020:i:10:p:1645-:d:418244

Access Statistics for this article

Mathematics is currently edited by Ms. Emma He

More articles in Mathematics from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().