Bitcoin Forum
December 06, 2016, 10:14:53 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Couldn't the wallet.dat be secured this way?  (Read 926 times)
Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
June 18, 2011, 12:55:51 AM
 #1

Every address is a public/private key pair.
Currently, that keypair doesn't have a password on it (which is the basis for the issues with someone getting a wallet.dat and then signing transactions to steal your coins).

Couldn't there just be a password placed on each keypair during generation? 

That way, in order to use any address, you'd have to enter the password in order to sign the transaction.

This would further allow for each address to have a unique password, the same, or none (if you chose).

Talk amongst yourselves.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
1481019293
Hero Member
*
Offline Offline

Posts: 1481019293

View Profile Personal Message (Offline)

Ignore
1481019293
Reply with quote  #2

1481019293
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
June 18, 2011, 04:45:32 AM
 #2

The private key is the password. A client could be created that doesn't have a wallet. If you want to spend coins you type it in right then.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
June 18, 2011, 10:49:39 AM
 #3

The private key is the password. A client could be created that doesn't have a wallet. If you want to spend coins you type it in right then.

Yes, you have to sign with the private key.  However, that's different from a password.  You can place a password on the private key.

From:  http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html#ss3.1

Quote
Finally you have to enter a password (actually passphrase would be more appropriate, since blanks are allowed). This password is used to be able to use the functionality which belongs to your secret key.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
willphase
Hero Member
*****
Offline Offline

Activity: 770


View Profile
June 18, 2011, 10:57:44 AM
 #4

https://github.com/bitcoin/bitcoin/pull/232

Will

Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
June 18, 2011, 11:12:50 AM
 #5


Knew it was a good idea.  Wink  Thanks Will.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 18, 2011, 11:12:59 AM
 #6

Just consider a trojan that does not steal wallet files, but waits until you make a transaction and changes the destination address and amount of coins just before signing.

You can't do anything against that with encryption - in principle.

Misspelling protects against dictionary attacks NOT
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 18, 2011, 11:21:29 AM
 #7


It is a good idea depending on your goal. It is a good idea, because you can copy wallet files without fear. It does not protect against stealing from an infected computer where bitcoin is running.

Misspelling protects against dictionary attacks NOT
willphase
Hero Member
*****
Offline Offline

Activity: 770


View Profile
June 18, 2011, 11:30:12 AM
 #8

It's all about layered security. There's no silver bullet security solution but making it more difficult to just read the file is a step in the right direction.

Will

Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
June 18, 2011, 11:37:16 AM
 #9

It is a good idea depending on your goal. It is a good idea, because you can copy wallet files without fear. It does not protect against stealing from an infected computer where bitcoin is running.

My goal is to get as much protection as possible.  Making the stealing of the wallet.dat file useless, because you won't have the password to the keys.  Allowing each address to have a unique password makes even having a trojan on your computer minimized, because if you haven't used the address during the time of the trojan, some of your addresses will still be safe.

I minimize my exposure to trojans and viruses by running operating systems that have minimal exposures (e.g. NOT Windows).

This step is necessary to make the stealing of the wallet.dat file useless.

As stated, there is no silver bullet.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
ribuck
Donator
Legendary
*
Offline Offline

Activity: 826


View Profile
June 18, 2011, 04:50:01 PM
 #10

The Bitcoin protocol includes a scripting facility that could be used this way: for a transaction to be spent, the usual private key would be required, plus a per-transaction user-selected password .

Transaction scripting is not yet fully-implemented, but the potential is there.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!