Author

Topic: "Grabbing" multiple wallets from the ripple "wallet server" for offline cracking (Read 1951 times)

sr. member
Activity: 448
Merit: 254
Thank you xkind for correcting me, I sent you a few XRP.  By the way, here's the referenced post of mine, which has been corrected.
newbie
Activity: 7
Merit: 0
Awesome.  Thanks scintill!

I also got a response in the ripple forums from the forum moderator, dchapes, which confirms what you and I both just said--that you need to have the wallet name and passphrase first to get a wallet from the blob vault.

Here's the link to that post:

https://ripple.com/forum/viewtopic.php?f=5&t=2967

Since I don't have enough posts to have a signature yet, here's my ripple public address which I just barely got:

rL8ab1FDcnvuzv1JRVFuvercxZDSdAVyx8

I accept donations for interesting and helpful posts Smiley

I feel better about ripple now.
sr. member
Activity: 448
Merit: 254
Hmm, glad I saw this by chance.  At first I was wondering why it was in a new topic, but then I saw OP is a newbie.

I feel bad if anyone took my word on this, as it looks like I was wrong. Sad  I'll be editing that post.  From what I can tell looking at this code, the encrypted blob is indeed fetched with a key that is a hash of the username and password combined.

The good news about me being wrong is that your wallet held in the default blob vault is somewhat more secure than I said, as it can't be cracked offline unless the attacker already has the encrypted blob.  But know that if you don't trust the blob vault provider (I think this is where some of you are going with what sounds like suspicions), they can attempt crack your blob offline like I said.  Or if they get breached the hash protection could be circumvented.  In any case, a strong passphrase and probably unique username is always a good idea.

I believe you can also set up your own blob vault and use it with the default client, if you don't trust someone else to not pry into yours and secure it properly from others.
newbie
Activity: 7
Merit: 0
No the once the blob is hel locally they can attempt to crack.  Use complex passwords and make the length > 20 characters.  Mine is > 40 characters and random a-z, A-Z, 0-9 and symbols.

From reading the api, it seems like to be able to get the blob in the first place from the blob vault, you have to have the wallet name and passphrase.  Then you use the same wallet name and passphrase to decrypt it.  So I don't understand this idea of first holding a blob locally and then attempting to crack it, unless you obtained the wallet from somewhere other than the blob vault.

legendary
Activity: 1450
Merit: 1013
Cryptanalyst castrated by his government, 1952
That was a memorable first post, regardless of where the story goes next.
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
No the once the blob is hel locally they can attempt to crack.  Use complex passwords and make the length > 20 characters.  Mine is > 40 characters and random a-z, A-Z, 0-9 and symbols.
newbie
Activity: 7
Merit: 0
This quote from senior forum member on the bitcoin forum "scintill" has made me think twice about using ripple.

Quote

Re: ripple account hacked
May 06, 2013, 05:47:57 AM
 #12
Quote from: loudpete on May 06, 2013, 05:28:13 AM
So what were you using for passwords?  now that you wont be using them anymore...

Still, seems like they'd have to try 62,000 passwords per user account, wouldn't the ripple servers block more then 5 attemps (for like an hour) making this impossible?

No, the Ripple webclient wallet is decrypted client-side in the user's browser.  So they just grabbed the encrypted wallet and cracked it locally.  Blockchain.info wallets works the same way, so they can also be cracked like this.

It's possible they grabbed a bunch of wallets around the same time that maybe should have tripped an alarm on the Ripple wallet server, but we don't know, and there's nothing Ripple can really do to perfectly prevent this.  The user has to pick a good passphrase and ideally also a non-obvious wallet ID as well.


I think by "wallet server" he means the "blob vault".  If so--looking at the API, it seems you need to send an encrypted wallet name and passphrase to retrieve a wallet.  So why did scintill say that someone could "grab" multiple wallets at once and crack them locally?  Don't you potentially have to make thousands of api calls to be able to guess the password from a list of common passwords?  (This is still easy, but an important distinction to me, because it leaves a record that can be used to incriminate the attacker.)
Jump to: