Ripple Refutes University of Bern’s Security Findings

2020-12-4 22:38

Researchers at the University of Bern have analyzed the Ripple blockchain and found that the blockchain is lacking in security. Ripple, however, contests those claims.

Ripple Allegedly at Risk

According to the Bern research team, Ripple ensures “neither safety nor liveness” under the assumptions that it makes.

In this context, lack of safety means that Ripple may not adequately prevent double spending (ie. counterfeit transactions) and unwanted ledger forks. Lack of liveness means that the blockchain may not continue to process transactions normally.

The team created a model to show that Ripple does not achieve those goals even under “mild adversarial conditions.” Allegedly, the presence of just a few malicious nodes can cause problems, even under standard conditions. Those malicious nodes can send conflicting messages that are missed by correct nodes.

Researchers add that centralization mitigates the issue. As a company, Ripple supplies a default Unique Node List, which is currently used by all validators. Though decentralization is usually seen as beneficial, in this case a centralized trusted list provides better security by providing trusted validators.

Is the Risk Real?

Ripple CTO David Schwartz has responded to the supposed threat. Though he says that he “appreciates having any weaknesses identified and pointed out,” he believes that the attack is impractical.

He argues that Ripple’s approach is more secure than other blockchains because an attacker would need to both partition the network and control part of the Unique Node List. Furthermore, the attackers would only have one chance to jeopardize the Unique Node List before being removed from that list permanently.

Schwartz previously acknowledged the possibility of this sort of attack in 2013. There, he additionally noted that validators would refuse to come to consensus with each other and would automatically declare the network unusable. This suggests that Ripple’s design has some level of failsafe beyond what the University of Bern describes.

Ultimately, it is not clear whether the attack could be executed. University of Bern Researchers admit that their attack model is “purely theoretical,” but maintain that it could be put into practice.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Ripple (XRP) на Currencies.ru

$ 2.2035 (+0.92%)
Объем 24H $12.165b
Изменеия 24h: -2.19 %, 7d: -7.93 %
Cегодня L: $2.1359 - H: $2.2257
Капитализация $126.158b Rank 4
Цена в час новости $ 0.6289 (250.37%)

security findings bern refutes university ripple

security findings → Результатов: 43


Survey Shows Banks and Governments Still View Crypto as Risky

The Royal United Services Institute (RUSI), the UK’s “leading” defense and security think tank, has released the findings of a new survey on perceptions of the crypto industry. Conducted in partnership with the Association of Certified Anti-Money Laundering Specialists (ACAMS) and market research firm YouGov, the survey represents 566 unique responses from across the global […] The post Survey Shows Banks and Governments Still View Crypto as Risky appeared first on BeInCrypto.

2020-9-30 18:30


Фото:

Indians Five Times More Likely to Suffer Crypto-Related Hacks: Report

People in India are five times more likely to suffer a cryptocurrency mining hack because of poor consumer awareness, according to a new security report by Microsoft. In its findings published July 29, Microsoft notes that although the number of similar attacks declined by 35% in 2019 from a year earlier, Indians, together with Sri […] The post Indians Five Times More Likely to Suffer Crypto-Related Hacks: Report appeared first on Bitcoin News.

2020-8-4 19:33


Фото:

Russian cyber spooks piggyback Iranian hackers to spy on 35 countries

Cybercriminals with ties to the Russian government have been found to piggyback on hacking tools developed by Iranian threat groups to mount their own attacks against 35 countries. The findings — based on a joint report by the US National Security Agency and the UK’s National Cyber Security Centre (NCSC) — reveal the focus of the activity was largely in the Middle East, where the targeting interests of both Advanced Persistent Threats (APTs) overlap.

2019-10-22 10:07


Cybercriminals are targeting healthcare companies with phishing campaigns to steal sensitive data

Healthcare providers are facing an unprecedented level of social engineering-driven malware threats, according to new research. The findings — disclosed by California-based enterprise security solutions provider Proofpoint US — discovered at least 77 percent of email attacks on the medical sector during the first three months of 2019 involved the use of malicious links.

2019-10-9 19:00


Фото:

Google purges 24 malware-ridden apps that were downloaded 500,000 times

Android just can’t seem to shake off its malware issues.  A new malware campaign targeting Android has been found to engage in ad fraud at least since early June 2019. The findings, disclosed by cybersecurity firm CSIS Security Group, reveal that the malware — called Joker — is designed to surreptitiously sign users up for premium service subscriptions, in addition to stealing the victim’s SMS messages, the contact list, and device information.

2019-9-10 10:46


Фото:

Facebook data leak (yeah, another one) allegedly exposes passwords, likes, etc

Flip that board that says “It’s been _ days since we found a massive pile of unsecured Facebook data” right back to zero, and get ready to reset your passwords again just to be safe. Security researchers discovered hundreds of millions of records on publicly-accessible Amazon cloud servers — including names, passwords, comments, likes, and all the other stuff we should all just assume has already leaked at some point.

2019-4-4 00:23


Фото:

Security Researchers Reveal Wallet Vulnerabilities On Stage at 35C3

In a demonstration titled “Wallet. fail,” a team of security researchers hacked into the Trezor One, Ledger Blue and Ledger Nano S. Unfortunately, it appears as if their findings were first put on display at the 35th Chaos Communication Congress (35C3) in Leipzig, Germany, rather than through accepted Responsible Disclosure practices, which would have allowed the manufacturers to patch the vulnerabilities and protect their customers from any potential attack.

2019-1-1 19:15


Фото:

Coinbase and Kraken hit back at NY Attorney General’s scathing criticism

Cryptocurrency exchanges are hitting back at New York Attorney General’s scathing criticism, suggesting the industry lacks fairness, integrity, and security. Earlier this week, the office of the NY Attorney General office published a report which highlighted a number of risks cryptocurrency exchanges expose their users to, including the possibility of market manipulation.

2018-9-20 13:50


Фото:

Security Researchers Break Down McAfee-Endorsed Cryptocurrency Wallet, Find Nothing but a Cheap Smartphone

The world’s first “unhackable” cryptocurrency wallet, as claimed by John McAfee, faced the wrath of security researchers soon after its announcement on July 28, 2018. Not so Unhackable Cybersecurity blogger Ryan Castellucci first called out Bitfi’s supposed security features on his blog, breaking down several aspects that struck experts as suspicious.

2018-8-3 19:00