manifold (OP)
June 18, 2011, 05:08:16 PM
After the latest theft, this question is really important. If the wallet.dat were encrypted, it wouldn't make it impossible to simply copy the wallet.dat from the disk. (Even if the wallet.dat is in a TrueCrypt volume, sometimes you have to mount it, and then it's freely accessible to a trojan.)

jackjack
June 18, 2011, 05:15:13 PM
Not by default, so that natural selection can apply.

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.

opticbit
June 18, 2011, 05:16:48 PM
I already remember passwords for friends and family; what's one more?

bcearl
June 18, 2011, 05:17:59 PM
I don't want it to be encrypted actually, but I want that feature to be there for others.

Misspelling protects against dictionary attacks NOT

manifold (OP)
June 22, 2011, 04:44:20 AM
Is there a developer of the default client here? Could that be implemented in the next release?

imperi
June 22, 2011, 04:46:35 AM
> Is there a developer of the default client here? Could that be implemented in the next release?
It's open source. Maybe you could implement it and submit a pull request?

Sandoz
June 22, 2011, 04:51:11 AM
A developer stated this actually would be their priority for the next version.

phillipsjk
June 22, 2011, 04:53:02 AM
Encryption will lead to data loss when users forget their passphrase after 3-300 months.
The other extreme would be the users using "12345678" as their password, giving them little protection.
That said, leaving the wallet.dat unencrypted complicates securely backing up the wallet.dat. If the drive is not using full-disk encryption, it is too easy to leave clear-text versions scattered around the disk as well.
Edit: a (solo) miner needs to use an unencrypted wallet.dat (or more accurately, at least 1 unencrypted private key) to generate the 50 coins they pay themselves when generating a block. Just as important as encryption options may be wallet-splitting options.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE 0A2F B3DE 81FF 7B9D 5160

bcearl
June 23, 2011, 12:16:56 PM
This will trash tons of bitcoins because of users forgetting their passwords.

Gabi
June 23, 2011, 12:21:47 PM
Well, better than a wallet stolen by trojans...

killer2021
June 23, 2011, 12:44:18 PM
Encryption as an option in the client is what I would recommend. If you want to encrypt then you can. If not, then you don't have to.
Let's face it, security is a major problem for bitcoin. If bitcoin is to go mainstream then the average Joe needs to know that their wallet is secure. Encryption is one way of solving that (even if it's a mirage).
The primary value of money is derived from faith in the currency. Faith that it will hold its value and faith that the merchant up the street will accept it.

Herodes
June 23, 2011, 01:36:07 PM
Just tossing in an idea.
What if the user, instead of using a password, used a private key that was saved separately from the wallet.dat? This private key would be needed to decrypt the wallet when the user wanted to use an address in the wallet. That way, if the attacker got an encrypted wallet.dat, he would be unable to decrypt it without the proper private key.
Preferably the client would show the user a screen for proper handling of private keys and wallet once the client starts up, or preferably the first few times, and then later at random intervals. Perhaps a bit annoying, but many people will put convenience over security and not care about securing their wallet, so perhaps reminding them more often would help? There could also be an option screen where this could be turned off perhaps.
The private key could then be stored on for example a USB disk or a mobile phone, and just be inserted every time you needed to do a transaction.
I do not propose to have the final solution to these issues, as I know people are lazy, forget easily and a lot of users will forget to back up their private key, or misplace it. I am sure we will see a lot of services and ways to keep the wallet.dat safe pop up in the coming months.
But as it is now, and as many people have said, getting access to anyone's coins now is just a matter of getting their wallet.dat just like a physical wallet, but unlike a physical wallet, a bitcoin wallet can exist in many copies. In the event an encrypted wallet that's encrypted with either a password or a private key is stolen, the wallet owner should have enough time to transfer the bitcoins to a new wallet if he notices this has happened, and even if he notices it has happened and he does nothing about it, it is highly unlikely that the attacker will be able to decrypt the wallet he got if it is secured with a very strong password or a very strong private key.
So, in my view, encryption of the wallet.dat will prevent some bitcoins from being stolen, but perhaps even more bitcoins will be lost from people forgetting about their passwords or private keys? But I am sure there will spring up companies that take security very seriously and that will hold your private keys for you. I can think of a company whose sole purpose is to hold private keys for users, but not handling their wallets. Then it would be nearly impossible for such a company to compromise the wallets of any of its clients, because they do not know which private key belongs to which wallet, so storing keys and wallets separately could be a good idea.
Well, that's some rant from me, and I am not a crypto-expert and I am not an expert on user behavior, but it is very obvious that no matter the solution we choose to adopt, there will always be cons and pros.

qikaifu
June 23, 2011, 01:46:15 PM
You know what, I guess Gavin will choose the last one. He didn't think the encryption would be his first priority, which was mentioned in one of his blog posts after the heist of 25k bitcoin.

ErgoOne
June 23, 2011, 01:55:44 PM
I would build in default encryption using a strong algorithm such as AES, with options to switch to other types of encryption if the user desires. Having an unencrypted wallet is like having a car with no locks. :/ Thieves are still responsible when they steal, but you sure posted a welcome sign on the door! Until this flaw in the Bitcoin software is fixed, I've put my wallet (still empty, but not for much longer) on a purpose-built Jetico BestCrypt volume, along with the Bitcoin program, and protected it with a unique passphrase of unusual length. That's a nuisance, but a whole lot safer than otherwise. Please note that even an encrypted volume doesn't protect you against a password-stealing trojan or other types of malware; that's why I favor having the Bitcoin software do encryption on the fly. It can protect your wallet better than just using a third-party encryption program. However, third-party is better than nothing. For those who prefer to support open source, TrueCrypt works as well for this purpose. I've been using BestCrypt since the late 1990s, when TrueCrypt wasn't even a gleam in anybody's eye, and trust it, so I've stuck with it.

dukejer
June 23, 2011, 02:02:11 PM
Whenever new private keys are generated, it should be mandatory to have the option to send the keys to a removable device as unencrypted clear text for safekeeping. Then the private keys in the wallet should be encrypted in the wallet and in memory and only unencrypted at the time Bitcoins are sent. If someone forgets their password they should be able to re-import the private key from a removable device and then set a new password on the private keys for the wallet.
-Dukejer.
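
Added example, not part of any post in this thread: a sketch of the scheme dukejer outlines above, where the wallet holds only a passphrase-encrypted record, the key is decrypted at spend time, and a forgotten passphrase is handled by re-importing the clear-text backup. The function names, record layout and iteration count are assumptions, and HMAC-SHA256 in counter mode stands in for AES because Python's standard library has no AES.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor; raise it as hardware allows


def _derive(passphrase, salt):
    """Stretch the passphrase into an encryption key and a MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _xor_stream(key, nonce, data):
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for AES."""
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def lock_key(private_key, passphrase):
    """Return the record kept in the wallet: salt | nonce | ciphertext | tag."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive(passphrase, salt)
    body = salt + nonce + _xor_stream(enc_key, nonce, private_key)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unlock_key(record, passphrase):
    """Decrypt at spend time; reject a wrong passphrase or a tampered record."""
    body, tag = record[:-32], record[-32:]
    salt, nonce, ciphertext = body[:16], body[16:32], body[32:]
    enc_key, mac_key = _derive(passphrase, salt)
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong passphrase or corrupted wallet record")
    return _xor_stream(enc_key, nonce, ciphertext)


def reset_passphrase(backup_key, new_passphrase):
    """Forgotten passphrase: re-import the clear-text backup under a new one."""
    return lock_key(backup_key, new_passphrase)


if __name__ == "__main__":
    key = bytes(range(32))  # constructed 32-byte sample, not a real private key
    record = lock_key(key, "correct horse battery staple")
    assert unlock_key(record, "correct horse battery staple") == key
    restored = reset_passphrase(key, "a new long passphrase")
    assert unlock_key(restored, "a new long passphrase") == key
```

The clear-text backup on the removable device is as sensitive as the unencrypted wallet.dat: anyone who copies it can spend the coins, so the scheme only helps if that device stays offline.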

em3rgentOrdr
June 23, 2011, 02:13:47 PM
> This will trash tons of bitcoins because of users forgetting their passwords.
Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.
Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."

SlipperySlope
June 23, 2011, 02:50:48 PM
The problem of lost passwords for default-encrypted wallet.dat files is already solved by existing online password storage services... For example: http://www.passpack.com/en/home/ One can easily imagine an entrepreneur on this forum offering such a service tailored for, and marketed to, bitcoin clients.

FooDSt4mP
June 23, 2011, 02:51:56 PM
> > This will trash tons of bitcoins because of users forgetting their passwords.
> Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.
How do you keep this unique code from the hackers? If they can access your wallet.dat, they can get at this code too.

As we slide down the banister of life, this is just another splinter in our ass.

em3rgentOrdr
June 24, 2011, 12:14:09 AM
> > > This will trash tons of bitcoins because of users forgetting their passwords.
> > Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.
> How do you keep this unique code from the hackers? If they can access your wallet.dat, they can get at this code too.
Well, I was thinking of a mechanism that uses the so-called "Trusted Computing Module" in your motherboard, or uses a secure key generated by your CPU's unique private key.