UPDATED 14:07 EST / AUGUST 16 2013

NEWS

Android Crypto PRNG Flaw Aided Bitcoin Thieves, Google Releases Patch

Bitcoin, the virtual currency attracts more and more users in the world and can be used in different devices, including Android smartphones. Every device that uses Bitcoin requires a wallet or digital wallet, which stores digital currency to receive and perform digital transfer of money–but a flaw in the Android secure random system has put the cryptography used to protect those wallets at risk.

Earlier this week, expert programmers found that the “digital wallets” used in the Android app are likely to be stolen by a bug in the operating system. Programmers detected a vulnerability in operating system that recently hijacked Bitcoin transactions and stole approximately US$5,720 worth of Bitcoins from Android digital wallet apps. The flaw became widely known after a Bitcoin developer group warned Sunday that it made bitcoins stored in some Android software clients vulnerable to theft.

In a blog post by Android Security Engineer Alex Klyubin, Google admitted that the flaw was in Android’s Java and OpenSSL crypto PRNG (pseudorandom number generator), which generate long, impossible-to-predict numbers to ensure secret encryption keys or digital signatures. The developer found that PRNGs used to generate random transaction number, but as in the case of Bitcoin the thieves used the same number to pilfer multiple transactions.

“We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG,” Klyubin wrote.

Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected. Apps such as Coinbase and Mt.Gox that establish encrypted connections using the HttpClient and java.net classes aren’t vulnerable.

Klyubin advised developers to update their applications to explicitly initialize the PRNG. “Developers who use JCA for key generation, signing or random-number generation should update their applications to explicitly initialize the PRNG with entropy from /dev/urandom or /dev/random. Also, developers should evaluate whether to regenerate cryptographic keys or other random values previously generated using JCA APIs such as SecureRandom, KeyGenerator, KeyPairGenerator, KeyAgreement, and Signature.”

Earlier, Symantec also reported that upwards of 360,000 apps using the SecureRandom class, containing the PRNG flaw in Bitcoin’s Elliptic Curve Digital Signature Algorithm (ECDSA). Symantec said Bitcoin uses the ECDSA algorithm to ensure that funds can only be spent by their rightful owners. The algorithm requires a random number to compute an ECDSA signature, but if two different messages are signed with the same private key and the same random number, the private key can be derived.

“This particular exploit, affecting a massive marketshare of mobile devices, may be lending itself to making it obvious how important security is on mobile,” says Kyt Dotson, SiliconANGLE assistant editor and writer for the Bitcoin Weekly column. “Regulators have been champing at the bit to understand Bitcoin and general insecurity in the products that hold it–even if by way of an entire platform being insecure–may have helped give them a reason to move on this. Bitcoin depends heavily on strong cryptography especially at the mobile-level to protect keys stored in wallet.”

Google patches Android

Symantec in its Norton Mobile Insight data said there are more than 360,000 applications that make use of SecureRandom and over 320,000 of them use SecureRandom in the same way the bitcoin wallets did. This could lead to a higher increase of vulnerability.

Google, however, was quick to release patches for the cryptography flaw in Android. Alex Klyubin said the patches have been passed to Open Handset Alliance, a trade group dedicated to development of Android for review.

With as many as two security holes recently exposed in Android’s Google Wallet app, the platform may not yet quite be ready for the financial big time.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU