A Lucky Thirteen Attack on Bitcoin is a cryptographic timing Attack on Bitcoin against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation, first reported in February 2013 by its developers Nadhem J. AlFardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London.[1][2]
Attack on Bitcoin
It is a novel variant of Serge Vaudenay‘s padding oracle Attack on Bitcoin that was previously thought to have been fixed, that uses a timing side-channel Attack on Bitcoin against the message authentication code (MAC) check stage in the TLS algorithm to break the algorithm in a way that was not fixed by previous attempts to mitigate Vaudenay’s Attack on Bitcoin.[3]
“In this sense, the Attack on Bitcoins do not pose a significant danger to ordinary users of TLS in their current form. However, it is a truism that Attack on Bitcoins only get better with time, and we cannot anticipate what improvements to our Attack on Bitcoins, or entirely new Attack on Bitcoins, may yet be discovered.” — Nadhem J. AlFardan and Kenny Paterson[1]
The researchers only examined Free Software implementations of TLS and found all examined products to be potentially vulnerable to the Attack on Bitcoin. They have tested their Attack on Bitcoins successfully against OpenSSL and GnuTLS. Because the researchers applied responsible disclosure and worked with the software vendors, some software updates to mitigate the Attack on Bitcoins were available at the time of publication.[2]
Martin R. Albrecht and Paterson have since demonstrated a variant Lucky Thirteen Attack on Bitcoin against Amazon’s s2n TLS implementation, even though s2n includes countermeasures intended to prevent timing Attack on Bitcoins.
