Bitcoin Forum
December 10, 2016, 11:05:41 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: suggestion for client: random/custom wallet.dat filename  (Read 1600 times)
quattro
Member
**
Offline Offline

Activity: 67


View Profile
August 08, 2011, 10:54:22 PM
 #1

An added layer of security would be the ability to create custom and random wallet.dat filenames.

If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename.

And while we're at it ... how about some encryption.  Smiley






PM me if you need hosting for your FPGA or ASIC miner.  Secure, air conditioned facility... will beat competitor pricing.  Over 15 years in the hosting industry.
1481367941
Hero Member
*
Offline Offline

Posts: 1481367941

View Profile Personal Message (Offline)

Ignore
1481367941
Reply with quote  #2

1481367941
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481367941
Hero Member
*
Offline Offline

Posts: 1481367941

View Profile Personal Message (Offline)

Ignore
1481367941
Reply with quote  #2

1481367941
Report to moderator
jackjack
Hero Member
*****
Offline Offline

Activity: 882


May Bitcoin be touched by his Noodly Appendage


View Profile
August 08, 2011, 11:10:56 PM
 #2

Next release will include wallet encryption
But I don't believe it will include custom filenames

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
BookLover
Hero Member
*****
Offline Offline

Activity: 535


^Bitcoin Library of Congress.


View Profile
August 08, 2011, 11:20:01 PM
 #3

This seems so simple that I would immediately think it's a horrible idea, but I can't think of a way to easily get around it and it would stop a lot of old trojans. Awesome idea quattro! Grin(I can't wait to see what someone who knows what he's doing says) Wink

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
August 08, 2011, 11:25:58 PM
 #4

An added layer of security would be the ability to create custom and random wallet.dat filenames.

If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename.

And while we're at it ... how about some encryption.  Smiley

Would it randomize file extension(.dat) also? And what about a custom folder/path  instead of %appdata%\Bitcoin\, wouldn't that be needed as well?

ffuentes
Member
**
Offline Offline

Activity: 70


Only a curious passer-by / FirstBits: 13zsc1


View Profile WWW
August 08, 2011, 11:28:56 PM
 #5

Does anybody else seen this (project of) client? http://bitco.tumblr.com/

Listen Radio Libre (Electronica) Donate. (click for details).

Chilean peso VS BTC ahora: http://irage.ca/2btc.php?a=1&c=CLP&r=1

My bitcoin address
jackjack
Hero Member
*****
Offline Offline

Activity: 882


May Bitcoin be touched by his Noodly Appendage


View Profile
August 08, 2011, 11:36:24 PM
 #6

An added layer of security would be the ability to create custom and random wallet.dat filenames.

If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename.

And while we're at it ... how about some encryption.  Smiley

Would it randomize file extension(.dat) also? And what about a custom folder/path  instead of %appdata%\Bitcoin\, wouldn't that be needed as well?
I made a fork of bitcoin which only difference with it is taking a -wallet flag as the filename of your wallet, so if you absolutely need to use a file other than 'wallet.dat', you may want to try it (github)
For example, ./bitcoin -wallet wal.bc will use the file wal.bc instead of wallet.dat as its wallet

To use another directory, just use the official client's -datadir flag

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
quattro
Member
**
Offline Offline

Activity: 67


View Profile
August 08, 2011, 11:49:59 PM
 #7

An added layer of security would be the ability to create custom and random wallet.dat filenames.

If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename.

And while we're at it ... how about some encryption.  Smiley

Would it randomize file extension(.dat) also? And what about a custom folder/path  instead of %appdata%\Bitcoin\, wouldn't that be needed as well?



Ummm ... you should have already installed it a directory other than the default.   Smiley

I don't think it needs to randomize the file extension ... .dat is common enough.

Again, this isn't meant to be foolproof.  You'd be surprised how a lot of simple things can thwart even the most sophisticated attacks.

PM me if you need hosting for your FPGA or ASIC miner.  Secure, air conditioned facility... will beat competitor pricing.  Over 15 years in the hosting industry.
quattro
Member
**
Offline Offline

Activity: 67


View Profile
August 09, 2011, 12:07:26 AM
 #8

This seems so simple that I would immediately think it's a horrible idea, but I can't think of a way to easily get around it and it would stop a lot of old trojans. Awesome idea quattro! Grin(I can't wait to see what someone who knows what he's doing says) Wink

Hi BookLover,

It's just one layer of an extensive approach to securing bitcoins.  My suggestion merely makes it a bit harder for low level attacks to be successful.



PM me if you need hosting for your FPGA or ASIC miner.  Secure, air conditioned facility... will beat competitor pricing.  Over 15 years in the hosting industry.
RaTTuS
Hero Member
*****
Offline Offline

Activity: 792


Bite me


View Profile
August 10, 2011, 08:05:10 AM
 #9

security by obscurity is no security at all

In the Beginning there was CPU , then GPU , then FPGA then ASIC, what next I hear to ask ....

1RaTTuSEN7jJUDiW1EGogHwtek7g9BiEn
wumpus
Hero Member
*****
qt
Offline Offline

Activity: 798

No Maps for These Territories


View Profile
August 10, 2011, 09:38:08 AM
 #10

Firefox also does this; they use a random directory name for the profile directory, to prevent automated stealing attacks that have hardcoded paths.

Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through FileBackup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
quattro
Member
**
Offline Offline

Activity: 67


View Profile
August 11, 2011, 05:22:42 AM
 #11

security by obscurity is no security at all

This is true only if obscurity is the only means of security.

PM me if you need hosting for your FPGA or ASIC miner.  Secure, air conditioned facility... will beat competitor pricing.  Over 15 years in the hosting industry.
Johnny-Gear
Jr. Member
*
Offline Offline

Activity: 37


View Profile
August 11, 2011, 09:51:07 AM
 #12

This idea definitely has value and could work with some attacks.

I would categorise Bitcoin enthusiasts and anyone coming after their loot as having a higher than average level of technical sophistication though, and if it were me coming after a wallet file, I would probably be looking for flags like -wallet as well as default file locations.

In short, I think wallet encryption should be the highest priority security measure for any wallet.

Just my 2 cents.

JG
BTC_Junkie
Member
**
Offline Offline

Activity: 97


View Profile
August 11, 2011, 09:30:39 PM
 #13

Next release will include wallet encryption
But I don't believe it will include custom filenames


Anyone know the eta on this? I feel like I've been hearing about It for a while.

12jAZVfnCjKmPUXTszwmoji9S4NmY26Qvu
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
August 11, 2011, 10:07:05 PM
 #14

security by obscurity is no security at all
Not true.  I don't know why people keep throwing this quote around, but it's simply not true.

It is easier to steal a file of known filename and location, than it is to steal a file of unknown filename and unknown location.

I wouldn't rely solely on security by obscurity, but it is certainly better than "no security at all."  It DOES help.

OP, great idea.  I like it.  Wink
Gavin Andresen
Legendary
*
qt
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
August 12, 2011, 12:32:00 AM
 #15

-wallet=foo.dat  command-line param would be easy (unless you allow an absolute path, in which case the code that detects whether two instances of bitcoind are trying to write to the same wallet would have to be changed).

But if you pass it on the command-line, then wallet-stealers can just adapt and look in the process list to figure out where the wallet is.  If you put it in the bitcoin.conf then the wallet-stealers can also look in the bitcoin.conf to figure out where it is.

I like the 'deterministic wallet' idea that's been floating around (enter a password passphrase at startup, and keys are magically derived from that password passphrase and never touch the disk at all).

Seems like there would be a clever way of combining that with white-box cryptography to make the private keys extremely trojan-resistant.

In which case the wallet-stealers will just rewrite the bitcoin address/amount after you press the "send coins" button...

Edited to replace 'password' with 'passphrase'

How often do you get the chance to work on a potentially world-changing project?
aq
Full Member
***
Offline Offline

Activity: 238


View Profile
August 12, 2011, 01:39:07 PM
 #16

I like the 'deterministic wallet' idea that's been floating around (enter a password at startup, and keys are magically derived from that password and never touch the disk at all).
Bitcoins would essentially become a race between people running dictionary attacks. The funny part would be that even the thief would not know whos bitcoins he just got.
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
August 12, 2011, 06:21:12 PM
 #17

-wallet=foo.dat  command-line param would be easy (unless you allow an absolute path, in which case the code that detects whether two instances of bitcoind are trying to write to the same wallet would have to be changed).

But if you pass it on the command-line, then wallet-stealers can just adapt and look in the process list to figure out where the wallet is.  If you put it in the bitcoin.conf then the wallet-stealers can also look in the bitcoin.conf to figure out where it is.

I like the 'deterministic wallet' idea that's been floating around (enter a password passphrase at startup, and keys are magically derived from that password passphrase and never touch the disk at all).

Seems like there would be a clever way of combining that with white-box cryptography to make the private keys extremely trojan-resistant.

In which case the wallet-stealers will just rewrite the bitcoin address/amount after you press the "send coins" button...

Edited to replace 'password' with 'passphrase'
I completely agree, BUT it would eliminate the trojans that simply look for a file named wallet.dat.  One extra step is one extra step.  Maybe that means one less trojan would be written, because the trojan writer is noob enough to not know how to look at params in the process list.

Interesting thoughts regarding the deterministic wallet idea.  I don't quite understand how that would work, but it does sound like it would be loads more secure than the current solutions.  Well, as long as people used extremely secure passphrases, or people could brute-force their way into finding bitcoin wallets, as aq pointed out.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!