Bitcoin Forum
Topic: Can we keep bitcoin purses safe keeping them in special hardware?
nubitcoin (OP)
March 21, 2011, 07:21:54 AM
 #1

I am worried about my bitcoin purse getting stolen.  If and when bitcoin gains in popularity, there will be many viruses written designed to steal bitcoin purses.  Anti-virus software is not 100% and when it comes to money things need to be 100% guaranteed.  I can't even fathom how clever virus writers are and I am not willing to take a chance of having a sizable chunk of my money getting stolen.

My question is, is it realistic to have specific hardware designed to keep bitcoin purses (say USB storage looking devices)?  They would have hard-wired code in them, so a virus cannot physically attack them.

 
genjix
March 21, 2011, 07:27:18 AM
 #2

Yes.

You run bitcoin using -datadir /path/to/usb/

Once encryption is added to wallets, then you'll be able to keep your RSA key on your computer, and your wallet on the USB stick. ATM still working on that.
casascius
Mike Caldwell
March 21, 2011, 07:44:48 AM
 #3

I thought that a separate little computer - such as a bankcard terminal - could be connected via serial port and could use its own keypad and display to get transaction confirmation from user. Connected by serial (RS232) this is a low bandwidth connection that would isolate it from attacks on the network.

A bankcard terminal is merely a form factor for a small computer. A desktop appliance with minimal display and often printing ability. Many devices would fit this purpose at a low cost.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Meni Rosenfeld
March 21, 2011, 09:43:04 AM
 #4

> Yes.
>
> You run bitcoin using -datadir /path/to/usb/
>
> Once encryption is added to wallets, then you'll be able to keep your RSA key on your computer, and your wallet on the USB stick. ATM still working on that.

I don't understand, what will prevent the virus from getting your key from your computer and using it when you connect your flash drive?

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
no to the gold cult
March 21, 2011, 11:15:46 AM
 #5

> Yes.
>
> You run bitcoin using -datadir /path/to/usb/
>
> Once encryption is added to wallets, then you'll be able to keep your RSA key on your computer, and your wallet on the USB stick. ATM still working on that.

By the way, is it possible to use a wallet.dat from a Windows installation on a Linux installation of the client? I don't currently have access to a Linux machine to try this out.
chromicant
March 21, 2011, 01:24:22 PM
 #6

> I thought that a separate little computer - such as a bankcard terminal - could be connected via serial port and could use its own keypad and display to get transaction confirmation from user. Connected by serial (RS232) this is a low bandwidth connection that would isolate it from attacks on the network.
>
> A bankcard terminal is merely a form factor for a small computer. A desktop appliance with minimal display and often printing ability. Many devices would fit this purpose at a low cost.

Actually...that's an interesting idea.

I've been working with a STM8S-DISCOVERY board to run GNUK on the STM32 part. I still have some bugs to work out on the GnuPG implementation, but it may be interesting to try to hack up some code to make a smartcard-like application that can do transaction signing on said hardware. There is a bit of work that would need to be done on hardware as well as getting a client to be able to read the wallet from the hardware.

May be an interesting proof of concept.
Jered Kenna (TradeHill)
March 21, 2011, 02:05:14 PM
 #7

> > I thought that a separate little computer - such as a bankcard terminal - could be connected via serial port and could use its own keypad and display to get transaction confirmation from user. Connected by serial (RS232) this is a low bandwidth connection that would isolate it from attacks on the network.
> >
> > A bankcard terminal is merely a form factor for a small computer. A desktop appliance with minimal display and often printing ability. Many devices would fit this purpose at a low cost.
>
> Actually...that's an interesting idea.
>
> I've been working with a STM8S-DISCOVERY board to run GNUK on the STM32 part. I still have some bugs to work out on the GnuPG implementation, but it may be interesting to try to hack up some code to make a smartcard-like application that can do transaction signing on said hardware. There is a bit of work that would need to be done on hardware as well as getting a client to be able to read the wallet from the hardware.
>
> May be an interesting proof of concept.

The only problem I see is if a virus / hacker / whatever could spoof the response from the terminal. I think the best advice I've seen is to keep a separate wallet which stores the bulk of your funds and just deposit to it but keep a smaller daily use wallet. If you treat it like cash it's not so bad, people freak out and say things like "what if someone breaks in to my house and steals my wallet" well what if someone breaks in to your house and steals your physical wallet filled with USD? Keep it secure. The obvious advantage is you can back it up as much as you want / encrypt it whereas you can't take those $20's down to Kinko's.

moneyandtech.com
@moneyandtech @jeredkenna
casascius
March 21, 2011, 02:23:18 PM
 #8

The terminal itself would do the signing and possess the keys and only cough up the signed transaction so no way to spoof.

Jered Kenna (TradeHill)
March 21, 2011, 02:42:13 PM
 #9

> The terminal itself would do the signing and possess the keys and only cough up the signed transaction so no way to spoof.

Could do the same thing (a lot cheaper) with a token or something along those lines right? If you're really worried then a password protected token.

nelisky
March 21, 2011, 02:49:46 PM
 #10

So what would the requirements be for such a device? The bitcoin software would still run on the PC, but instead of having the keys stored in the local wallet it would communicate with the device?

I can see myself getting a proof of concept going using a PIC32... would that be safe enough? The device would connect to the PC using USB but instead of providing a USB disk with the wallet, it would provide a serial interface or something alike that would allow the connected bitcoin client to operate upon. So it would still be possible for a virus to take over the computer and ask the device to transfer whatever to wherever, but the serial API could use a password protection / encryption step to make this harder. And because the keys are NEVER shared with the outside world, one could also set up hard limits (no transaction larger than 100btc, for example) so it would be safe to use the device on public computers.

Would this be safe enough?
Jered Kenna (TradeHill)
March 21, 2011, 03:04:19 PM
 #11

> So what would the requirements be for such a device? The bitcoin software would still run on the PC, but instead of having the keys stored in the local wallet it would communicate with the device?
>
> I can see myself getting a proof of concept going using a PIC32... would that be safe enough? The device would connect to the PC using USB but instead of providing a USB disk with the wallet, it would provide a serial interface or something alike that would allow the connected bitcoin client to operate upon. So it would still be possible for a virus to take over the computer and ask the device to transfer whatever to wherever, but the serial API could use a password protection / encryption step to make this harder. And because the keys are NEVER shared with the outside world, one could also set up hard limits (no transaction larger than 100btc, for example) so it would be safe to use the device on public computers.
>
> Would this be safe enough?

I think (could be wrong here) that it's more complicated than it needs to be.
You could use a physically connected token or a bluetooth token (cell phone maybe?) with a pin on it.
You could do this several ways. One would be entering the password sends a code to the computer letting you transfer or the other would be it displays the code (like a paypal token) to be typed in on the computer and given access.

There's a lot of options with tokens and seeing how you can have them pin restricted and how cheap they are I think it's a good option. My only issue is if the token dies / gets lost etc, you'd have to have a backup of some sort.

Gavin Andresen
Chief Scientist
March 21, 2011, 03:05:17 PM
 #12

> The terminal itself would do the signing and possess the keys and only cough up the signed transaction so no way to spoof.

But how do you know that the transaction the hardware device signed is actually the transaction you wanted to make?  You might THINK you're sending 100BTC to your brother, your computer will SAY you're sending 100BTC to your brother, but the trojan might change the destination address that goes in to the hardware device.

Unless the hardware device has some sort of display and physical button to OK the transaction.  In which case the hardware device sounds a lot like a smart phone.

How often do you get the chance to work on a potentially world-changing project?
nelisky
March 21, 2011, 03:19:04 PM
 #13


> I think (could be wrong here) that it's more complicated than it needs to be.
> You could use a physically connected token or a bluetooth token (cell phone maybe?) with a pin on it.
> You could do this several ways. One would be entering the password sends a code to the computer letting you transfer or the other would be it displays the code (like a paypal token) to be typed in on the computer and given access.
>
> There's a lot of options with tokens and seeing how you can have them pin restricted and how cheap they are I think it's a good option. My only issue is if the token dies / gets lost etc, you'd have to have a backup of some sort.

I don't get it, sorry. What would be stored in the token? And what would the communication between the token and the bitcoin PC client be? If you are using the token to hold the wallet and do the transaction signing itself, then we are talking about the same thing, if on different hw (pics can come out REAL cheap, too).
But if you are saying the token pin protects the wallet.dat file, then there's no trojan/virus protection at all, I guess. Once you unlock it, the file is available to the computer, period.
Jered Kenna (TradeHill)
March 21, 2011, 03:34:28 PM
 #14


> > I think (could be wrong here) that it's more complicated than it needs to be.
> > You could use a physically connected token or a bluetooth token (cell phone maybe?) with a pin on it.
> > You could do this several ways. One would be entering the password sends a code to the computer letting you transfer or the other would be it displays the code (like a paypal token) to be typed in on the computer and given access.
> >
> > There's a lot of options with tokens and seeing how you can have them pin restricted and how cheap they are I think it's a good option. My only issue is if the token dies / gets lost etc, you'd have to have a backup of some sort.
>
> I don't get it, sorry. What would be stored in the token? And what would the communication between the token and the bitcoin PC client be? If you are using the token to hold the wallet and do the transaction signing itself, then we are talking about the same thing, if on different hw (pics can come out REAL cheap, too).
> But if you are saying the token pin protects the wallet.dat file, then there's no trojan/virus protection at all, I guess. Once you unlock it, the file is available to the computer, period.

The token would just provide a Mathematical algorithm based one time password and that's it. The client would only send when it confirmed this password. You could use OATH for this.
It's open source etc. Like mentioned above you could still be vulnerable to someone swapping the address. You wouldn't lose your entire wallet though and would be a start.

It would be like this.
1) turn on client and enter address of recipient
2) type amount and hit send
3) client asks you for token password
4) enter pin on token get password ex: 447421
5) type 447421 in to client and the transfer starts

If someone was listening in or standing over your shoulder etc they wouldn't be able to replicate this because they don't have the token.
The token could be used manually like this or it could be connected via usb / bluetooth / whatever they make a variety.
The client would have to be modified to get the "go" on the transfer from the token is all.

ffe
March 21, 2011, 04:11:37 PM
 #15

Problem is, as some have asked about above, the client does not know who you really want to send money to and how much to send.

So the token is there and the client knows for sure that a human who knows a password is sitting at the computer. But a Trojan can get any amount sent to anyone once the handshake with the token is complete because at this point the handshake is complete, the password is entered, the private keys are unlocked, etc...
nelisky
March 21, 2011, 04:15:32 PM
 #16


> The token would just provide a Mathematical algorithm based one time password and that's it. The client would only send when it confirmed this password. You could use OATH for this.
> It's open source etc. Like mentioned above you could still be vulnerable to someone swapping the address. You wouldn't lose your entire wallet though and would be a start.
>
> It would be like this.
> 1) turn on client and enter address of recipient
> 2) type amount and hit send
> 3) client asks you for token password
> 4) enter pin on token get password ex: 447421
> 5) type 447421 in to client and the transfer starts
>
> If someone was listening in or standing over your shoulder etc they wouldn't be able to replicate this because they don't have the token.
> The token could be used manually like this or it could be connected via usb / bluetooth / whatever they make a variety.
> The client would have to be modified to get the "go" on the transfer from the token is all.

How does this protect one from the virus scenario? I'm assuming the wallet will have to be loaded in memory in an unencrypted way for this to work, at least while sending a transfer.

And I don't know if this is an issue at all, but does this allow in any way for the mobility of the wallet? I mean, will the token and the wallet be paired in such a way that you can safely load your wallet into some bitcoin client, knowing that it will only be available if you use the token's OTP?
Jered Kenna (TradeHill)
March 21, 2011, 04:17:07 PM
 #17

> Problem is, as some have asked about above, the client does not know who you really want to send money to and how much to send.
>
> So the token is there and the client knows for sure that a human who knows a password is sitting at the computer. But a Trojan can get any amount sent to anyone once the handshake with the token is complete because at this point the handshake is complete, the password is entered, the private keys are unlocked, etc...

This is outside my realm but is there any way to tie the destination address in with the token? For example if it's a connected token (physically or wireless) you type the address in to the token followed by your pin and the client receives the verification first then attached to it is the destination? Or the address then the verification or whatever but the idea is that they're coupled and received as a pair.

Edit: in regards to nelisky above, the idea would be that the client only transfers when it has permission from the token. Trying to shoot the gun with the safety on.
Maybe the easiest way would be to have a device that is less prone to viruses dedicated to btc as its sole purpose.

moneyandtech.com
@moneyandtech @jeredkenna
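
The token flow debated in posts #14 to #17, as an added example that is not part of the original thread: plain OATH HOTP (RFC 4226) next to a hypothetical variant in which the token also authenticates the address and amount typed on its own keypad. `bound_code`, `Verifier` and the addresses are assumptions made for illustration, and the verifier is assumed to hold the shared key somewhere malware on the PC cannot read it.

```python
import hashlib
import hmac
import struct

def _truncate(mac: bytes, digits: int = 6) -> str:
    """RFC 4226 dynamic truncation of an HMAC into a short decimal code."""
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hotp(key: bytes, counter: int) -> str:
    """Plain OATH HOTP: depends only on the shared key and a counter."""
    return _truncate(hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest())

def bound_code(key: bytes, counter: int, address: str, amount: int) -> str:
    """Hypothetical variant: the token also MACs the address and amount."""
    msg = struct.pack(">Q", counter) + address.encode() + b"|" + str(amount).encode()
    return _truncate(hmac.new(key, msg, hashlib.sha256).digest())

class Verifier:
    """Checks a code before releasing a transfer. Assumed to run where malware
    on the PC cannot read the key (for example inside the signing device)."""

    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def _accept(self, ok: bool) -> bool:
        if ok:
            self.counter += 1  # each code is single-use
        return ok

    def check_plain(self, code: str, address: str, amount: int) -> bool:
        # address and amount are never examined, so any transaction passes
        return self._accept(hmac.compare_digest(code, hotp(self.key, self.counter)))

    def check_bound(self, code: str, address: str, amount: int) -> bool:
        expected = bound_code(self.key, self.counter, address, amount)
        return self._accept(hmac.compare_digest(code, expected))

def demo():
    key = b"12345678901234567890"                   # RFC 4226 test secret, not a real key
    wanted = ("ADDR-BROTHER-EXAMPLE", 100 * 10**8)  # constructed: 100 BTC in satoshi
    swapped = ("ADDR-TROJAN-EXAMPLE", 100 * 10**8)  # what the infected PC submits
    v = Verifier(key)
    plain_swapped = v.check_plain(hotp(key, v.counter), *swapped)
    code = bound_code(key, v.counter, *wanted)      # user typed `wanted` on the token
    bound_swapped = v.check_bound(code, *swapped)   # swapped address: code mismatch
    bound_wanted = v.check_bound(code, *wanted)     # intended transfer: accepted
    replayed = v.check_bound(code, *wanted)         # same code again: counter moved on
    return plain_swapped, bound_swapped, bound_wanted, replayed

if __name__ == "__main__":
    print(demo())
```

The plain code approves whatever transaction the PC submits, which is the objection raised in posts #12 and #15; the bound code only verifies for the address and amount entered on the token.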