Bitcoin Forum
November 13, 2024, 07:46:18 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Armory > Glacier Protocol
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Glacier Protocol  (Read 214 times)
aa7356 (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 4


View Profile
January 31, 2020, 09:13:41 PM
Merited by LoyceV (2)
 #1
Hi everybody,

I always had the notion that USB port is not the optimal way of communication between two nodes for secure communications.  

The "air gap" idea of have a host "Alice" that will never ever be connected to the network by cables (in order to mitigate the private key exposure) while talk to host "Bob" that got the function of broadcaster... reminds me a Werner Koch commentary years ago about the same idea but in the smart-cards scenario (ISO 7816-4,-10). He said something like "The whole idea of keep a private key stored in the smart-card eeprom is to expose the key as minimum as possible"

Recently I read on the the news some critical flaws in hardware wallets (voltage glitching attacks which briefly dump the voltage of the device under test in order to write to memory and change the state of registers during a crucial stage of the USB protocol-when device descriptors are sent to the host... )

So, think about those problems... is it a good idea of instead using USB communication channel ... would not be better to use image instead?

I notice that Armory works very well with QR code for 'off tx sign'.. My question is... is there already a project using cheap 'system on chip' (SoC) like Raspberry PI, Banana PI, Beaglebone, etc.. that applies the idea of "Glacier Protocol"?

ps-> I have a bias on using Beaglebone because it is a open hardware project.
goatpig
Moderator
Legendary
*
Offline Offline

Activity: 3752
Merit: 1364

Armory Developer


View Profile
February 01, 2020, 12:18:24 PM
 #2
I use a RPi for signing myself, though the carrier is a USB stick (the RPi is never directly connected to my online machine, and it never was connected to internet in the first place).

There has been proposals to either add an audio modem or an animated QR code codec as extra transfer channels. In general smart cards are better than USB keys because the USB protocol and handshaking is significantly richer than that of smart cards, which are only ever storage devices. There's arguable minor benefits to be had from DMA access to the storage device vs going through the driver.

For the more paranoid, you could write the data back and forth by hand, or burn CDs.
https://btcarmory.com
aa7356 (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 4


View Profile
February 05, 2020, 11:15:42 PM
 #3
Quote from: goatpig on February 01, 2020, 12:18:24 PM
I use a RPi for signing myself, though the carrier is a USB stick (the RPi is never directly connected to my online machine, and it never was connected to internet in the first place).

There has been proposals to either add an audio modem or an animated QR code codec as extra transfer channels. In general smart cards are better than USB keys because the USB protocol and handshaking is significantly richer than that of smart cards, which are only ever storage devices. There's arguable minor benefits to be had from DMA access to the storage device vs going through the driver.

For the more paranoid, you could write the data back and forth by hand, or burn CDs.

I think for the "21 millions club" you have more than right to be paranoiac, it is your core skill ...

I remember in the early 90's some countries got their top level DNS and then failed miserably on keep their TSL root keys physically safe. (if I'm not mistake the term is "safe room" for a complete isolated computational system)
aa7356 (OP)
Newbie
*
Offline Offline

Activity: 24
Merit: 4


View Profile
March 27, 2020, 01:08:15 PM
 #4
Quote from: goatpig on February 01, 2020, 12:18:24 PM
I use a RPi for signing myself, though the carrier is a USB stick (the RPi is never directly connected to my online machine, and it never was connected to internet in the first place).

There has been proposals to either add an audio modem or an animated QR code codec as extra transfer channels. In general smart cards are better than USB keys because the USB protocol and handshaking is significantly richer than that of smart cards, which are only ever storage devices. There's arguable minor benefits to be had from DMA access to the storage device vs going through the driver.

For the more paranoid, you could write the data back and forth by hand, or burn CDs.

Regards to burn CDs .. I was thinking about something similar to PGP/PKI Clean Room ( Live CD with networking disabled )

https://wiki.debian.org/OpenPGP/CleanRoomLiveEnvironment
goatpig
Moderator
Legendary
*
Offline Offline

Activity: 3752
Merit: 1364

Armory Developer


View Profile
April 01, 2020, 09:02:30 AM
 #5
I dont see how that protects you from USB rootkits. The point of burning CDs is to avoid taking a USB stick to your offline signer.
https://btcarmory.com
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Wallet software > Armory > Glacier Protocol
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!