Our pre-sale is nearly here. Get early access.
BlogAboutContactNFTsHandles
Wallet
Learn

Cryptoglyphs: keeping secure with colored shapes

Enzo Meertens's photo
By Enzo Meertens
9.22.22

Logging in securely to personal accounts requires passwords. But when creating passwords, there are a few factors that you need to take into account. A password has to be memorable, secure and unique. It's easy to skimp on one (or more) of these criteria, like reusing hard-to-remember passwords multiple times. This exposes passwords to brute-force attacks – but what are they and how can they be counteracted?

Brute-force attacks work by trying to guess a password or hash. The computer programs used for brute-force attacks can guess anywhere from 10 thousand to 100 billion passwords per second. A successful attack can then be used, for example, to intercept a transaction and send it to a different address.

To prevent brute-force attacks, Ryder uses mathematics to generate a collection of eight digital colored shapes we call ”Cryptoglyphs”. These can be verified without a lot of effort by the user, but take a very long time for a  brute-force attack to decipher.

“How long?”, you might ask.

Ryder’s collection of eight Cryptoglyphs comes from a predefined set, consisting of 16 different shapes, each in eight colors (for a total of 128 unique Cryptoglyphs). Plugging these values into the following equations will give us an idea of how long a brute-force attack might take.

Using the entropy formula gives us log2(128^8) = 56 bits of entropy.

We can then use the entropy value to calculate the estimated time it takes for a brute-force attack to generate a set of similar Cryptoglyphs:

  • Assuming the attacker has a somewhat decent computer, e.g. 1 million guesses per second, generating an identical Cryptoglyph would take 36,028,797,019 seconds – over 1,142 years.

  • Assuming the attacker has an extremely strong computer, e.g. 350 billion guesses per second, generating an identical Cryptoglyph would take 102,939 seconds, over 28 hours.

  • Now imagine a government intelligence agency would attempt a brute-force attack. Their computer could potentially guess up to 100 trillion times a second. Generating an identical Cryptoglyph would take an average of 360 seconds or six minutes.

Six minutes, while it sounds short, is actually a long time while the user is waiting for the Cryptoglyphs to show up. In comparison, a set of eight random characters from a keyboard would take a mere 22.5 seconds to break. It’s also important to mention that not all inputs are valid or desirable, so the attacker is constrained in the types of guesses. The attacker would need to find a valid transaction that moves the victim’s tokens to their address and has the same Cryptoglyphs as the legitimate transaction. A very tall order!

At Ryder, security is key. A reliable and easy-to-use hash verification system like Cryptoglyphs will help you stay secure without worrying about mistakes or checking long and tedious hexadecimal numbers.

Cryptoglyphs are open source and can be found on GitHub: https://github.com/Light-Labs/cryptoglyphs-ts. Everyone is welcome to use it to better secure their wallets.

Article written by Enzo Meertens, Firmware Partner

Similar blog posts

Learn more about Ryder.

Similar blog posts

Learn more about Ryder.
Introducing Thunderbird - Ryder firmware 0.0.5
Announcement

Introducing Thunderbird - Ryder firmware 0.0.5

Read more
Ryder handles are here!
Announcement

Ryder handles are here!

Make sure you grab your favorite community handles at handles.ryder.id before they’re gone.
Ryder Visual Rebrand: Seeing Crypto With Fresh Eyes
Announcement

Ryder Visual Rebrand: Seeing Crypto With Fresh Eyes

How’s your #ryde on the Web3 wave?
Blog post

How’s your #ryde on the Web3 wave?

Let us bring you up to speed with how we are preparing Ryder to bring Web3 into all aspects of our lives.
Ryder Newsletter #1
Blog post

Ryder Newsletter #1

Well, hello there, Ryders. 👋 Buckle up and #ryde with us on web3 🏍️ This is the first edition of our…
Q32021 Recap and What’s ahead
Blog post

Q32021 Recap and What’s ahead

2021 is coming to an end, and we are still silently building like we used to, from software, hardware, to product design; we are h…
Transaction Signing is here!
Announcement

Transaction Signing is here!

Transaction signing is here! For those of you who were at our latest maker session you have probably heard of this, the next vers…
The Human Centered Design Process of Ryder
Learn

The Human Centered Design Process of Ryder

A hash algorithm, consensus mechanism, Proof-of-? Etc… this is just a small sample of the first few minutes of my very intenti…
Q22021 Recap
Blog post

Q22021 Recap

Ever since we started Ryder, there was no question that our utmost priority is open building. If you join us since our ideation st…
Hack away, Makers.
Learn

Hack away, Makers.

From engineering PRs to user product journey research, Ryder Maker Bounties reinvent how our community takes action. At Ryder, we…
The Ryder Simulator
Learn

The Ryder Simulator

We want Ryder to be a genuine community effort. But we recognize it is tricky to build with it if you do not have one in your hand…
Genesis: The Birth of Ryder
Blog post

Genesis: The Birth of Ryder

Our team is happy to announce that we just raised $100,000 from the Stacks Foundation.

Join the community

Github Discord Twitter Instagram LinkedIn
Built on Bitcoin + Stacks
© Ryder 2022