MIT And BU Researchers Uncover Critical Security Flaw In $2B Cryptocurrency IOTA
IOTA, a $2 billion cryptocurrency that supports Internet of things (IoT) transactions, was shown to have “serious weaknesses,” according to a report recently released by researchers at MIT and Boston University.
“When we took a look at their system, we found a serious vulnerability and textbook insecure code,” Neha Narula, director at MIT Digital Coin Initiative and a researcher involved in uncovering the flaw, wrote in a blog post.
Specifically, Narula and three other researchers claim they were able to break the homegrown hash function “Curl” that IOTA was using as part of its digital signature scheme, which ensures funds can only be spent by rightful owners. They then demonstrated how an attacker could forge a digital signature to steal a user’s funds.
IOTA is currently the eighth largest cryptocurrency by market cap. The project pulled in 1,337 bitcoin (valued at $500,000 at the time) in an initial coin offering (ICO) in late 2015. And, through its Trusted IOT Alliance, the project partners with several notable companies, including Microsoft.
Installing A Patch
It’s important to note that IOTA has since fixed the flaw.
Researchers notified IOTA of their initial findings in late July. In response, IOTA deployed a type of software upgrade known as a hard fork, on August 7, to stop using Curl for signatures. During that upgrade, cryptocurrency exchange Bitfinix halted withdrawals and deposits of IOTA for three days.
When reached out to for comments, Dominik Schiener, cofounder of IOTA, called some the claims in the vulnerability report “wrong,” and indicated his team would be releasing a formal, more detailed response soon.
“We are currently working on our response to this publication to refute some of the claims, especially related to the practicality of the attack and the loss dangers related to it,” he wrote in an email. (As an update, it looks like IOTA has posted their formal response here.)
Schiener also stated that IOTA has always been up front about the “weaknesses sand unknowns” in its protocol. In June, the project published a Transparency Report, where it admitted Curl did not have the vetting of “older” hash functions.
Despite that, it is curious the project took the risky step of creating its own cryptographic primitive.