Bitcoin Forum
May 24, 2024, 07:10:49 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Hardware wallets > Wallet security hardware
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Wallet security hardware  (Read 930 times)
n2liquid (OP)
Newbie
*
Offline Offline

Activity: 33
Merit: 0



View Profile
June 18, 2011, 02:13:34 AM
Last edit: June 18, 2011, 02:48:25 AM by n2liquid
 #1
Hello, fellow coin owners.

I'm very new into this Bitcoins thingy (in fact, I heard about it yesterday; shameful!) and have been reading some discussions regarding wallet security, especially on Windows, and an idea occurred me. I'd like to know what you think.

Encrypting your wallets is the default way to protect them, but as some people pointed out, once you enter the password so that the Bitcoin client can get it, malware can also always get in unless you use Linux and have some other mechanism to ensure that only the real Bitcoin client can access the encrypted file. I'm pretty sure this is even harder on Windows (if not impossible, considering how usual it is for privilege escalation exploits to appear on this OS; correct me if I'm outdated).

So I thought people serious about their wallets' security wouldn't bother buying some (pretty cheap) specialized hardware.

The beasty would be a small, very cheap processor running a special Bitcoin client aided by an FPGA to do the public key mathematics (doing this using a processor would probably be less cheap; not sure). It would have an USB port used to connect it to a computer.

Two devices would flow through this USB port: an API for controlling the Bitcoin client and a read-only USB mass storage containing an app used as a front-end to this API. So you would put your USB Wallet inside your actual wallet because you dawg that's so amazing, and when you wanted to make transactions you would just plug the USB Wallet on a computer, run the front-end app, tell who you wanted to send money and enter the password on the USB Wallet itself (avoids any kind of logging).

This would allow you to use your wallet even on shared Windows computers infested with viruses.

The USB Wallet would be fully "open hardware" (you could build it home), obviously. There are a bunch of open crypto cores for FPGA's at http://opencores.org/projects. Dunno if they're enough to implement the Bitcoin client.

I would estimate the USB Wallet would cost less than $50, but sure we'd have to research more. I just want to hear your opinion first. What do you think?
willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
June 18, 2011, 10:29:12 AM
 #2
There will never be a perfect solution to the issue of stolen wallets just as there isn't a perfect abolition to other threats like identity theft. It's all about layered security and the additions coming into to bitcoin client to allow private key encryption should help.

What you're talking about is a Hardware Security Module (HSM) and they already exist and are used by e.g. Verisign to sign your SSL certificate without revealing their private key.

I imagine only a bitcoin vendor processing a large amount of transactions would ever use one of these, and it would be complicated by the fact that bitcoin needs, and generates, quite a few keypairs during normal operation, so any HSM would have to handle this in a sensible way.

Will
firstbits.com/?a=1b1tcoin | LetsDice (referral link) | Just-Dice CEX
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Hardware wallets > Wallet security hardware
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!