White Ops researcher exposes major error in Bitcoin Brainwallets

An ethical hacker has released a tool that demonstrates how easily criminals can steal bitcoins from brainwallets, where the key is not stored digitally at all but is regenerated from a passphrase the user keeps in memory.

The brainwallet was meant to keep sensitive wallet data offline and make a bitcoin address easier to remember, but the way it interacts with the bitcoin blockchain undoes much of that benefit. It takes a single long word or phrase, hashes it into a private key (in the classic brainwallet.org scheme, one unsalted SHA-256 pass with no key stretching), derives the public key from that, and finally the address. Because every step is deterministic, an attacker can run the same derivation offline and quickly test likely passphrases to see whether any of them is valid.

Ryan Castellucci, a security researcher at digital fraud firm White Ops, has pointed out a major defect in this scheme. The final bitcoin address, which is recorded in the blockchain, plays the same role as a stored password hash on a website: it is all that is needed to verify whether a candidate word or phrase is correct. The difference is that a website keeps its password hashes private, whereas every funded address is public, so the blockchain hands attackers a ready-made list of targets to check guesses against.

Castellucci's brainwallet cracker, called Brainflayer and released last week at DEF CON 23, one of the largest annual hacker conventions in the world, can test around 130,000 passphrases per second on an ordinary machine. On more powerful rented hardware, around 560 million passphrases can be checked for just $1.

Speaking to CoinDesk, Castellucci said, "You can scream from the rooftops that something is weak and vulnerable, but many people will just stay in denial without a working proof of concept. I think that the concept of letting humans choose their own passwords and passphrases for high security applications is fundamentally flawed."
