Google has come clean about flaws in Android’s pseudo-random number generator that led to the theft of funds from Bitcoin wallets, and offered a number of fixes and patches.
It emerged earlier this week that Bitcoin wallets using Android’s SecureRandom service were vulnerable, with several reports of stolen BTC balances.
It is believed Bitcoin apps had signed numerous transactions with the same supposedly random number created by Google’s SecureRandom. Every transaction requires a signature of the private key and a freshly generated random number.
If there is more than one occurrence of the same private key and the same “random” number in this process, this can be exploited to acquire the private key of a user and pretend to be them.
The weakness lies in the pseudorandom number generator (PRNG) in Android’s Java Cryptography Architecture (JCA), Google has admitted.
Android security engineer Alex Klyubin said apps using this “may not receive cryptographically strong values on Android devices due to improper initialisation of the underlying PRNG”. “Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialisation on Android are also affected,” he added.
According to Symantec, over 320,000 Android apps use SecureRandom in the same way Bitcoin wallets do, meaning that many could be vulnerable.
Google has sent patch information to device manufacturers, meaning if its hardware partners push out updates, users should be protected. There is no information on when they might do that, however.
It has also given developers advice. “Developers who use JCA for key generation, signing or random number generation should update their applications to explicitly initialize the PRNG with entropy from /dev/urandom or /dev/random,” Klyubin added.
“Developers should evaluate whether to regenerate cryptographic keys or other random values previously generated using JCA APIs such as SecureRandom, KeyGenerator, KeyPairGenerator, KeyAgreement, and Signature.”
A host of Bitcoin wallets have now been updated, including Bitcoin Wallet, Bitcoin Spinner, Mycelium Bitcoin Wallet and blockchain.info.
Are you a security expert? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…