I think it's necessary: Encryption for dummies

[bcearl]

People are asking all the time for encryption of their wallets and using TrueCrypt etc. And they think that it protects against certain attacks like Trojans, which it doesn't. This discussion shall result in a summary that explains noobs what encryption can do and what it can't.

What is encryption?
Encryption is a tool to protect data. With an encryption scheme you can encrypt a file with a key. The desired result is that nobody is able to read that file without the key.

Misconceptions that make encryption worthless
If you want to protect data via encryption, you have to make sure that this data does not exist anywhere outside the encrypted file. This is the hardest task of all and the error most people don't seem to see.

Cases associated with bitcoin where this is the case:

• If you encrypt an existing wallet, your old version may still be on disk. The only way to avoid that is wiping out the whole disk, or creating a new wallet inside the cryptographic container that never hits a disk unencrypted in its lifetime.
• Even if you avoided the first case: As long as your encrypted device or file is mounted, the data is not protected by encryption. The only protection is now policy enforcement (e.g. operating system prohibiting other users to access your files). There is no way around that, you have to decrypt the wallet to work with it. The only solution is a seperate wallet that is decrypted less often. There are many ways to enforce policies like installing a isolated machine or creating a seperate user account that does not run untrusted software. You can do it as secure as you want by investing the effort of using it. (Note: VM guests don't work at all, because VMs were never meant to protect guests against hosts, only the other direction makes sense.)
• Always assume: Malware can do anything you can do. The only thing that protects you is your decryption secret, but only as long as you don't decrypt the file. If you can use the wallet, why should a trojan not be able? In fact it always is. That's the problem the policy enforcement aims at: It makes sure that a trojan in your working space cannot access a wallet that is in an isolated space. There can still be flaws that could open a door for attackers around those policies, that's why there are those different methods proposed.

Conclusion
If you really want security, you have to accept the following principle:
Always assume that it does not protect you unless you can really argue with certainty and in detail why it does prevent certain attacks.

[1715211448]

1715211448

[1715211448]

1715211448

[fergalish]

(Note: VM guests don't work at all, because VMs were never meant to protect guests against hosts, only the other direction makes sense.)[/li][/list]

You could use an encrypted file container within your guest VM, which will then be inaccessible as long as the VM is switched off.  Of course, a keylogger will get your password unless your VM can also use a mouse & gui to select a key-file.

[bcearl]

(Note: VM guests don't work at all, because VMs were never meant to protect guests against hosts, only the other direction makes sense.)[/li][/list]

You could use an encrypted file container within your guest VM, which will then be inaccessible as long as the VM is switched off.  Of course, a keylogger will get your password unless your VM can also use a mouse & gui to select a key-file.

But that doesn't protect you any more than a regular encrypted volume. But its way more a waste of ressources.

[fergalish]

But [an encrypted VM] doesn't protect you any more than a regular encrypted volume. But its way more a waste of ressources.

Good point.  Except, maybe, the trojan/virus/worm/whatever has to hijack the VM controller's memory and instruction stack aswell. So it wouldn't stop a determined attacker, but it might stop more casual opportunists.

[Vladimir]

That would one step from security thru obscurity.

Want your data secure, get a new wallet on a separate and dedicated for wallet keeping hardware device with secure and very securely configured OS (i/e/ no GUI/X/Windows etc) no bloat, maybe ssh access at most, encrypted partitions and swap, keep it offline as much as possible, keep it's existence secret, no wireless networks. Keep encrypted backups of the wallet in the cloud etc... This would be a nice set of controls mitigating many common and significant risks.

Anything less, when talking about decent amounts of BTC is not enough.

[MysteryMiner]

The wallet encryption will help only against current targeted stealers. The encryption with password will only delay the theft, because many users chooze weak passwords and they will be recovered with dictionary/bruteforce.

Password protecting wallet.dat with Bitcoin client = no security at all if system is compromised and weak to high security if wallet.dat is copied by hacker but no password is ever entered on compromised system.
Hiding in TrueCrypt container if system is compromised = no security at all. It will be compromised when volume is mounted.
Keeping backup copies in cloud = theft for sure if the cloud is compromised by hackers or cloud ownders decide to search the cloud for wallet.dat and steal the coins.

Keeping system clear from malware and securing it properly = totally secure in the way it is.

My sugesstion is implementing Bitcoin private key storage on smartcard and the private keys will never leave the smartcard and is protected by hardware PIN keypad. The malware then only can 1. modify recieving address of payment on-the-fly or 2. initialize unauthorized payments when smartcard is inserted and session is unlocked by PIN.

[bcearl]

But [an encrypted VM] doesn't protect you any more than a regular encrypted volume. But its way more a waste of ressources.

Good point.  Except, maybe, the trojan/virus/worm/whatever has to hijack the VM controller's memory and instruction stack aswell. So it wouldn't stop a determined attacker, but it might stop more casual opportunists.

You don't have to crack anything, the host has full power to manipulate the guest as he wishes. That's why you can control the guest from the host. Protection in that direction does not make any sense, VMs were never supposed to have that. It is not that there may be vulnerabilities, there are just no barriers.