|
btchip
|
 |
May 07, 2015, 02:27:07 PM |
|
I can pick 2 chips.
One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.
The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.
Both can be backdoored, as I have no way to check that.
Which one do I pick to protect Bitcoin private keys ?
|
|
|
|
|
Muhammed Zakir
|
|
May 07, 2015, 03:15:46 PM |
|
I'm perfectly aware of the values of Open Source (and doing my best to contribute whenever it's possible), but in the end pragmatism rules. Open source is the pragmatism! Bitcoin won't settle for anything less. You'll see it when 100% open hardware hits market for hardware wallets. If a chip manufacturer doesn't want to change any of their practices just pick another one that will. Bitmain would have lost in the long run if that is true. I can pick 2 chips.
One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.
The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.
Both can be backdoored, as I have no way to check that.
Which one do I pick to protect Bitcoin private keys ?
First. |
|
|
|
becoin
Legendary
 Offline
Activity: 3431
Merit: 1233
|
|
May 07, 2015, 07:03:08 PM |
|
I can pick 2 chips.
One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.
The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.
Both can be backdoored, as I have no way to check that.
Which one do I pick to protect Bitcoin private keys ?
I'd pick the second one for a number of reasons. But why don't you pick both and leave your customers a choice to decide what they'll trust most? |
|
|
|
|
|
btchip
|
|
May 07, 2015, 07:12:30 PM |
|
But why don't you pick both and leave your customers a choice to decide what they'll trust most?
We'll do that in due time - our next product will have both a secure element and a regular microcontroller. In the meantime we decided to focus on the best (security and cost wise) solution first. |
|
|
|
LiteCoinGuy (OP)
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
May 11, 2015, 03:54:24 PM |
|
|
|
|
|
defcon23
Legendary
Offline
Activity: 1120
Merit: 1002
|
|
May 11, 2015, 04:12:34 PM |
|
looks interesting.. would like try it  |
|
|
|
|
|
|
|
fearlesscat10
|
|
May 12, 2015, 12:36:34 PM |
|
It would be nice for this to update the topic title whenever the OP updates, sort of like the Overview for Signature Campaigns. I wasn't aware there was already a Ledger Blue in the making.
|
|
|
|
|
|
JayCrypto
Newbie
Offline
Activity: 28
Merit: 0
|
|
May 19, 2015, 06:40:38 PM |
|
Is not better to keep btc in an encrypted usb? if you have a lot I mean  |
|
|
|
|
|
Muhammed Zakir
|
|
May 19, 2015, 06:43:02 PM |
|
Is not better to keep btc in an encrypted usb? if you have a lot I mean It can be corrupted if you didn't set up well but if you know what you are doing, it is secure to use a USB to store Bitcoin. |
|
|
|
dsattler
Legendary
Offline
Activity: 924
Merit: 1000
|
|
May 20, 2015, 06:39:40 AM |
|
Is not better to keep btc in an encrypted usb? if you have a lot I mean That doesn't protect you if your pc is compromised (trojan, keylogger, other malware). Only a hardware bitcoin wallet which does offline signing can fully protect you. I recommend trezor, because it has a display and shows the btc address for the tx you are signing with it. That's an additional attack vector that malware on your pc simply exchanges the btc address of the recipient of your tx. |
Bitcointalk member since 2013! 
|
|
|
gravitate
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 20, 2015, 12:10:27 PM |
|
I am a big fan of Leger mytrezor I have used but always seemed to have problems when using. Will consider getting a few others BUT would like to know if they are open source or closed source like ledger and Trezor? |
To peel or not to peel.
|
|
|
LiteCoinGuy (OP)
Legendary
Offline
Activity: 1148
Merit: 1014
In Satoshi I Trust
|
|
May 27, 2015, 03:22:50 PM |
|
|
|
|
|
gravitate
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 28, 2015, 08:00:01 AM |
|
Very interesting. I have to admit I do prefer ledger to trezor BÜT trezor do have more functions.
|
To peel or not to peel.
|
|
|
maheshmahi
Newbie
Offline
Activity: 56
Merit: 0
|
|
May 28, 2015, 08:08:23 AM |
|
Great
Never seen an hardware bits.....but it sounds interesting
|
|
|
|
|
gravitate
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 28, 2015, 12:16:14 PM |
|
Especially if you get 2 ledger hooked up tot he same wallet... Keep one with you and 1 safe just incaSE
|
To peel or not to peel.
|
|
|
|
Muhammed Zakir
|
|
May 28, 2015, 12:49:20 PM |
|
@OP: Can you add "open source" to open source projects and link to their repository? It certainly helps people. Thank you! Very interesting. I have to admit I do prefer ledger to trezor BÜT trezor do have more functions.
Only screen, right? |
|
|
|
gravitate
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 28, 2015, 01:58:37 PM |
|
@OP: Can you add "open source" to open source projects and link to their repository? It certainly helps people. Thank you! Very interesting. I have to admit I do prefer ledger to trezor BÜT trezor do have more functions.
Only screen, right? I agree with Open Source.. Its very important. What do you mean 'only Screen'?? |
To peel or not to peel.
|
|
|
|
Muhammed Zakir
|
|
May 28, 2015, 04:06:22 PM |
|
@OP: Can you add "open source" to open source projects and link to their repository? It certainly helps people. Thank you! Very interesting. I have to admit I do prefer ledger to trezor BÜT trezor do have more functions.
Only screen, right? I agree with Open Source.. Its very important. What do you mean 'only Screen'?? Trezor have a screen to display and I forgot about buttons. That two things are the only more functions, right? I don't see much advantage in that TBH. |
|
|
|
|
