Private key hacks can be avoided by quality key generation and customer awareness

  • 14 July 2019, Sunday, 17:40

Cryptocurrency assets are the first form of financial currency which does not possess a physical presence. They are lines of codes on the blockchain network which gets stored on a user’s crypto wallet and the only way to access these wallets is through the use of private keys. The private key has to be a unique identifier otherwise the user’s wallet could be vulnerable to hacks.

Recently, it was also reported that a hacker had stolen over 45,000 ETH by guessing weak private keys of users. Although the probability of predicting private key was next to impossible, the hacker had managed to discovered 732 keys of customers.

Such incidents had taken place in the past and Adrian Bednarek, a senior security analyst, claimed that such vulnerabilities have occurred in private keys due to the complacency of the company or the software generating these keys.

Andreas M. Antonopoulos, Author of Mastering Bitcoin, recently stated that in order to generate a good quality private key, it was necessary that the software was processing a good quality entropy randomness. He also opined that a level of trust on the software or operator generating the keys was important and users should always look out for inefficiency.

Hardware wallets such as Trezor One and Ledger Nano S usually have built-in random number generator system and they process high-level randomness to generate private keys. However, the level of trust is an important factor in the generation of private keys since a developer of a wallet application can also easily go rogue and access the private of the users to steal funds.

Antonopoulos stated that the only solution to tackle such a situation is to be extremely careful with the software wallet they install in the mobile phones in order to minimize “exposure to attacks.”

In the past, a lot of cryptocurrencies have been lost due to private keys. Earlier this year, A sum of $190 million worth of crypto went missing when the CEO of QuadrigaCX died in Jaipur and the private keys could not be recovered.

Source: ambcrypto.com