Bitcoin Forum
December 11, 2016, 12:27:16 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Why not make Bitcoin more Secure with a PIN and TAN System?  (Read 2373 times)
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 05, 2011, 11:58:13 AM
 #21

How about having incomplete private keys in the wallet?

Every time you make a transfer using a certain key you would need to add missing characters using a printout that you make when the wallet is created. The program would then also transfer any difference in BTC to a new private key so that effectively each private key is only used once. You could also store the "printout" in some file of your own choosing in case you lose the printout.
it would be the same as ripping the private key out of the wallet, and write it down on paper, which can be stolen. 130 chars(hex-encoded). the used once private key feature you are suggesting are also useless, an attacker does not get any knowledge about the private key. only proof that you have it, and the transaction is valid.

still if you gets trojan'ed you are still domed, when you put the key back into the client.


"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
Goat says: "Bitcoin is NOT Illegal in Thailand. There is no law against Bitcoin in Thailand!"
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481416036
Hero Member
*
Offline Offline

Posts: 1481416036

View Profile Personal Message (Offline)

Ignore
1481416036
Reply with quote  #2

1481416036
Report to moderator
1481416036
Hero Member
*
Offline Offline

Posts: 1481416036

View Profile Personal Message (Offline)

Ignore
1481416036
Reply with quote  #2

1481416036
Report to moderator
Mageant
Legendary
*
Offline Offline

Activity: 1082



View Profile WWW
July 05, 2011, 01:12:45 PM
 #22

it would be the same as ripping the private key out of the wallet, and write it down on paper, which can be stolen. 130 chars(hex-encoded). the used once private key feature you are suggesting are also useless, an attacker does not get any knowledge about the private key. only proof that you have it, and the transaction is valid.

It doesn't matter if a trojan find's out because there are no BTC on that private key. The user just has to make sure he doesn't reuse that private key.

  ►  NEW ECONOMY MOVEMENT  ◄ 
  100% built from scratch • revolutionary forging mechanism • fairly distributed

BIETCOIN.DE - Kleinanzeigenmarkt für Bitcoin
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 05, 2011, 01:21:56 PM
 #23

it would be the same as ripping the private key out of the wallet, and write it down on paper, which can be stolen. 130 chars(hex-encoded). the used once private key feature you are suggesting are also useless, an attacker does not get any knowledge about the private key. only proof that you have it, and the transaction is valid.

It doesn't matter if a trojan find's out because there are no BTC on that private key. The user just has to make sure he doesn't reuse that private key.
simple attack method:
make a trojan, which replace the bitcoin client, with a fake one that send all payment to the attacker.

it breaks through: encryption, TAN, PIN, paper wallet, anything, as soon as you put it in the client yo are doomed.
if you are unaware of it, and you will be.
the only thing encryption is good for is protecting an wallet if it gets stolen, it does not protect you from anything else.

if you would be very secure, you would make a physical device with a small LCD screen, which prints out the addresses, and the amounts.
on that device the transaction will be signed. and the private key will never leave the device. this would be the only secure thing.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
X68N
Hero Member
*****
Offline Offline

Activity: 546


View Profile
July 06, 2011, 06:51:06 PM
 #24

mmmh
 interesting do you mean a thing like hcbi-banking-device?

Coinbase - All your money are belong to us  Cheesy -> http://de.wikipedia.org/wiki/All_your_base_are_belong_to_us
Martin P. Hellwig
Jr. Member
*
Offline Offline

Activity: 33


View Profile
July 06, 2011, 07:04:41 PM
 #25

if you would be very secure, you would make a physical device with a small LCD screen, which prints out the addresses, and the amounts.
on that device the transaction will be signed. and the private key will never leave the device. this would be the only secure thing.

Hmmm, me thinking about those nfc enabled smartphones ...
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 06, 2011, 07:05:55 PM
 #26

mmmh
 interesting do you mean a thing like hcbi-banking-device?
hmm. i dont speek german, and google gave me alot of it when i did search.
but it is one of crypto-tokens you are talking about?

hmmm. maybe... it depends
if it only gives me a small number, then hell NO!
if it prints out the whole transaction, and ask me permission to sign, then YES!

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 06, 2011, 07:06:18 PM
 #27

if you would be very secure, you would make a physical device with a small LCD screen, which prints out the addresses, and the amounts.
on that device the transaction will be signed. and the private key will never leave the device. this would be the only secure thing.

Hmmm, me thinking about those nfc enabled smartphones ...
more like that.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!