Interesting story here, h/t @kristapsk, apparently latest openssl has in some sense 'deprecated' RIPEMD160 (which is used in creating legacy bitcoin addresses), in the sense that it won't be available in the default configuration of the newest openssl.
openssl is one of those scary things you try hard to not use because it's a bunch of dependency cruft.
But! In Python, hashlib is apparently using it under the hood ... (1/2)
@kristapsk ... so the idea of replacing with a custom implementation arises. This is being discussed for python-bitcointx: https://github.com/Simplexum/python-bitcointx/issues/64,
and the question arose: is it constant time? I see that as not an issue since this hash only protects public keys/scripts, not secret key material. There's no attack worth mentioning. It's also interesting that the openssl people consider this hash 'broken', although I'm not sure of details (collisions or preimage or?).
@Ogfomk @sjors @kristapsk the 'constant time' thing is about what's generally called 'sidechannel attacks'. Basic idea is: if I have *some* access to your system, and I want to steal your private keys, there might not be a direct bug I can exploit, but if I can see a difference in processing time for different signatures/operations, I can use sophisticated algorithms to convert that tiny bit of information, into information about your private key. It's extremely difficult but possible. (1/2)
Libraries like libsecp256k1 have to take this seriously, since they get used across all kinds of devices, any of which might be vulnerable to sidechannel analysis. Writing cryptographic code so it takes the same amount of time independent of secret key material is a (2/3)
Thank you for taking the time to explain that. It makes sense. Kind of like the ability to listen to cat5/6 or window panes without a physical connection (or an Orthodox connection).
This attack vector is reserved for big fish.
Or it is reserved for low hanging fruit.
Better to make security cheap and attacks expensive!