0

In the event that AES is cracked, what are the implications for the consensus layer of bitcoin? What are the implications for user's bitcoin wallets? On average, how many bitcoin would be available to steal? After either a large-scale theft or migration event, would bitcoin be able to emerge as a secure network with its current implementation or a soft fork?

(Note: Discussion for whether AES can be cracked, or whether the incentives are in place to handle the transition from pre to post-event, or discussion on a bitcoin hard fork are out of scope. This is purely a technical question about what is possible with the cryptography bitcoin currently has under an AES-cracked scenario)

hedgedandlevered
  • 1,493
  • 1
  • 10
  • 23
  • 2
    Why ask specifically about AES-192? I don't know anything that uses that at all (AES-256 and AES-128 are more common). – Pieter Wuille Nov 28 '23 at 20:31
  • Good idea. The inspiration for this question was this (likely hoax) https://www.reddit.com/r/singularity/comments/1824o9c/is_this_leaked_explanation_of_what_ilya_saw_real/ but should be generalized. Editing. – hedgedandlevered Nov 29 '23 at 19:15

1 Answers1

1

Consensus Layer of Bitcoin

No direct impact: Bitcoin's consensus mechanism, which relies on SHA-256 and ECDSA, would not be directly affected by the cracking of AES, as it does not use AES for its core functions.

User's Bitcoin Wallets

Indirect impact on wallet security: Major hardware wallets (Trezor, Ledger, KeepKey) focus on secure key storage and physical device integrity rather than AES encryption. Therefore, the direct impact on these wallets would be minimal.

Bitcoin Availability for Theft

Limited direct risk: The amount of Bitcoin at risk would not directly increase due to AES being compromised, as Bitcoin addresses and keys do not rely on AES. The exposure of full public keys from address reuse poses a risk only if ECDSA is compromised. (Note that bitcoin can still be secure under cracked ECDSA, but any address which has a spent transaction output will have its private key exposed)

Bitcoin's Future Post-Event

No protocol change is necessary for AES. Since Bitcoin’s core protocol does not depend on AES, cracking AES would not necessitate a protocol change or even a soft fork for Bitcoin’s operations. However, peripheral systems using AES may need to upgrade their security (e.g. some wallets such as Bitcoin Core).

So in summary, peripheral security measures might need reevaluation, but the primary mechanisms of Bitcoin remain secure against an AES compromise.

hedgedandlevered
  • 1,493
  • 1
  • 10
  • 23