|
AliceWonder (OP)
|
 |
June 10, 2013, 07:01:46 AM |
|
I want a client that makes automated secure cloud backup easier.
You enter your cloud storage information.
You click backup. Wallet is encrypted requiring both a passphrase and a scan of your thumbprint to decrypt and uploaded to cloud.
That way remote backup of wallet is easy and if cloud storage hacked, they need your passphrase and your thumb to spend your coins.
Does such a client exist?
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
TheSpiral
Full Member
 Offline
Activity: 322
Merit: 113
Sinbad Mixer: Mix Your BTC Quickly
|
|
June 11, 2013, 06:29:02 AM |
|
I highly doubt it...
You could in theory make a bat file that will run the backup wallet command, throw the resulting file into something like a truecrypt container, and move it to a dropbox/btsync/WhateverServiceYouUse folder. All that would be fairly easy. The thumbprint part is a bit ... much/difficult.
|
|
|
|
|
|
AliceWonder (OP)
|
|
June 11, 2013, 09:46:10 PM |
|
There are already APIs for interacting with thumbprint readers, aren't there?
Why I want this is because bitcoin is scary for many people.
Average person doesn't want the risk of losing their money because they lost their private key due to a hard drive failure.
But remote wallets that exist are constantly being hacked, or are scams, and are too risky.
And the average person chooses something stupid as their pass phrase, something like their favorite Bible verse or Einstein quote.
So even if we make it easy to back up just an encrypted wallet to cloud, as bitcoin adoption grows there will be hacks on cloud storage and wallets will go through dictionaries of common phrases.
But if thumbprint is added to encryption that's two things the hacker has to crack, so it will be much much safer for the average joe to use the currency as the user can have local wallet with automated secure remote backup.
I'm just trying to think of what is needed to increase adoption.
|
|
|
|
grue
Legendary
Offline
Activity: 2058
Merit: 1431
|
|
June 11, 2013, 10:24:10 PM |
|
There are already APIs for interacting with thumbprint readers, aren't there?
nopethere are, but they are limited to digital imaging only. there still needs to be implementation of fingerprint -> key. |
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
June 11, 2013, 10:27:34 PM |
|
Also biometrics are not deterministic.
Meaning your fingerprint can't be a decryption key because if you scan your fingerprint 100 times the resulting image will be different every time. Biometrics look for an image which is "close enough" to the original. This means that you can't employ strong security with biometrics. You can't use the image to generate a encryption/decryption key because everytime you scan you finger the key produced will be different. Thus if software can unlock your wallet on a fingerprint scan that means the software already has the decryption key. If the key is available a hacker will find the way to extract it. Your system would be less secure than a strong passphrase.
|
|
|
|
|
|
AliceWonder (OP)
|
|
June 12, 2013, 02:05:54 AM |
|
Also biometrics are not deterministic.
Meaning your fingerprint can't be a decryption key because if you scan your fingerprint 100 times the resulting image will be different every time. Biometrics look for an image which is "close enough" to the original. This means that you can't employ strong security with biometrics. You can't use the image to generate a encryption/decryption key because everytime you scan you finger the key produced will be different. Thus if software can unlock your wallet on a fingerprint scan that means the software already has the decryption key. If the key is available a hacker will find the way to extract it. Your system would be less secure than a strong passphrase.
That's not a difficult problem to solve though. You can scan a fingerprint and see if it is a close match. So the key doesn't come from the figerprint itself. The key is random generated and held in the client and only released to decrypt if the scanned fingerprint matches. That means it isn't good security by itself for a local exploit on the machine with the key, but it good at preventing decryption of the wallet if stolen from a remote backup server. |
|
|
|
|
AliceWonder (OP)
|
|
June 12, 2013, 02:17:12 AM |
|
That's a problem too, if fingerprint key is in client and unlocked then remote backup pointless unless it has the fingerprint key in it.
|
|
|
|
|
|
grue
Legendary
Offline
Activity: 2058
Merit: 1431
|
|
June 15, 2013, 02:16:46 AM |
|
That's not a difficult problem to solve though.
You can scan a fingerprint and see if it is a close match.
So the key doesn't come from the figerprint itself. The key is random generated and held in the client and only released to decrypt if the scanned fingerprint matches.
That means it isn't good security by itself for a local exploit on the machine with the key, but it good at preventing decryption of the wallet if stolen from a remote backup server.
But what's the point of this compared to a password? what's the point of this if the key entropy is low? sure, you got a key but people can bruteforce it without a reader. |
|
|
|
|
halfawake
|
|
June 21, 2013, 09:01:58 AM |
|
Pretty sure this feature doesn't exist, no. But you can get pretty close with Armory's paper backup feature and some creativity. I'm not sure how you'd be able to do the biometric security, but it wouldn't be that difficult to turn the paper backup into a PDF and encrypt that with PGP or GPG then send that to your cloud backup server.
|
BTC: 13kJEpqhkW5MnQhWLvum7N5v8LbTAhzeWj
|
|
|
|
|
zekesonxx
Newbie
Offline
Activity: 42
Merit: 0
|
|
October 12, 2013, 07:04:32 AM |
|
I'm working on something that would be synced to the cloud securely. I'll remember to announce it in this section of the forums, so keep watch.
|
|
|
|
|
|
