The IOTA coin price fell double-digits amid the discovery of “cryptographic vulnerabilities” in the eight-biggest cryptocurrency’s hash function by researchers at Boston University and MIT, leading the company to issue a patch in the cryptocurrency’s code.
IOTA Foundation has since rebuffed the claims, saying that while they appreciated the disclosure offered by the researchers, the attacks on its proprietary hash function were invalid and impractical based in part on the existing IOTA wallets. The damage, however, had already been done, evidenced by a 15% drop in the IOTA coin price.
Neha Narula, Director, Digital Currency Initiative at the MIT Media Lab, said in a post that upon developing their own attack, the researchers, using what she described as “commodity hardware” quickly uncovered collisions in a hash function dubbed Curl developed by IOTA. Curl has been replaced and rebranded as Kerl, and the current IOTA version does not contain the vulnerability.
Meanwhile, the incident drew harsh criticism from the security crowd.
“In 2017, leaving your crypto algorithm vulnerable to differential cryptanalysis is a rookie mistake. It says that no one of any caliber analyzed their system, and that the odds that their fix makes the system secure is low,” said security technologist Bruce Schneier to Narula.
Researchers reportedly were not happy with IOTA’s decision to develop its own hash given the availability of proven hashes in the industry. Nevertheless, IOTA reportedly did so to meet the rising transactional demand of its protocol.
And the fact that IOTA developed its own hash is not too surprising considering they also built their own blockchain alternative, Tangle.
Dominik Schiener, IOTA co-founder, was quoted in CleanTech Group in recent days as saying: “When we noticed the lack of existing decentralized solutions to settle transactions between … devices, we started working on one. That’s how the Tangle was born.”
IOTA, which boasts a market cap of approximately USD 2 billion, counts among its partners VW, Bosch, Innogy and Microsoft, has ambitions of becoming a standardized protocol that becomes embedded into the everyday life activities of users. IOTA also recently made its way into the cryptocurrency casino arena, with BitDice choosing IOTA’s Tangle for its platform.
The cryptocurrency’s sharp decline in price demonstrates the volatility that can accompany this market, IOTA’s MIOTA coin advanced 100% in one week’s time this summer.
Despite refuting the results of the Curl attack, IOTA supports greater collaboration between academia and cryptocurrency crowds. Meanwhile the final design of Kerl is under way.