Mobile Bitcoin Wallet Security - András Mendik
DESCRIPTION
In Andy's technical talk on Mobile Bitcoin Wallet Security: Security is Everyone's Responsibility, he gives an overview of wallet storage options and then a deep dive into how wallet encryption works, as well as the gaps to be aware of. While Andy works for Sophos, these thoughts are his own. This was first presented at the Bitcoin Barcamp in Sydney on 15th March 2014. To view the full talk or find more presentations from Australia's first pop-up unConference on cryptocurrency innovation, go to www.bitcoinbarcamp.org
TRANSCRIPT
1
András Mendik Threat Researcher
Mobile Bitcoin Wallet Security Security is Everyone’s Responsibility
2
Mobile Bitcoin Wallet Security
• Bitcoin Storage
  ○ Desktop Wallet
  ○ Mobile Wallet
  ○ Web Wallet
• Compare Mobile Wallets
  ○ Bitcoin Wallet
  ○ Blockchain.info Wallet
• Security is Everyone’s Responsibility
  ○ Mobile wallet attack vectors
• Live Demo
  ○ Setup and secure your Blockchain.info wallet
  ○ How to steal some Bitcoins from the ‘Bitcoin Wallet’
3
Bitcoin Storage
Desktop Wallets / Mobile Wallets / Web Wallets
Desktop wallets are installed on your computer. They give you complete control over your wallet. You are responsible for protecting your money and doing backups.
Mobile wallets allow you to bring Bitcoin with you in your pocket. You can exchange bitcoins easily and pay in physical stores by scanning a QR code or using NFC "tap to pay".
Web wallets allow you to use Bitcoin on any browser or mobile and often offer additional services. However, you must choose your web wallet with care, as they host your bitcoins.
4
Bitcoin Wallet - Google Play
• No registration, web service or cloud needed! This wallet is decentralized and peer to peer.
• Display of Bitcoin amount in BTC and mBTC.
• Conversion to and from national currencies.
• Sending and receiving of Bitcoin via NFC, QR codes or Bitcoin URLs.
• Address book for regularly used Bitcoin addresses.
• When you're offline, you can still pay via Bluetooth.
• System notification for received coins.
• App widget for Bitcoin balance.
5
Blockchain.info - Google Play
• Client Side Wallet Encryption
• Open Source
• Server assisted PIN Protection
• Automatic and Manual Wallet backups
• Paper Wallet Support
• Scan Private Keys
• Quick, Custom and Shared Send
• Local Currency Conversion
• Add Notes to transactions
• Push Notifications
• P2P Fallback mode if the centralised server is offline.
6
Bitcoin Wallet - Security
• Private Keys only exist on your Android Device
• AES 256 Encrypted Backups (Manual Only)
Wallet stored on your device is unencrypted!
7
Blockchain.info - Security
• Open Source
• Automatic and Manual Wallet backups
  ○ Email
  ○ Dropbox / Google Drive
  ○ Paper
• Client Side AES 256 Double Encryption
  ○ Wallet encrypted with Main Password
  ○ Private Key encrypted with Second Password
• Client Side Password/Keys
  ○ Password is never sent to their server in any way, shape or form
  ○ Unencrypted private keys are never shared with their server
https://blockchain.info/wallet/security
8
Blockchain.info - Security
• Two Factor Authentication
  ○ SMS
  ○ Email
  ○ YubiKey
  ○ Google Authenticator
• Block TOR IP address
• Lock to IP address
• Inactivity Logout
https://blockchain.info/wallet/security
9
AES 256 - Decrypted Wallet
{
  "guid": "ef577e17-490c-4840-85e3-852f97e39891",
  "sharedKey": "a4071684-bd5e-4454-9a3b-a69123e14eb2",
  "options": {
    "pbkdf2_iterations": 10,
    "fee_policy": 0,
    "html5_notifications": false,
    "logout_time": 600000,
    "tx_display": 0,
    "always_keep_local_backup": false,
    "transactions_per_page": 30,
    "additional_seeds": []
  },
  "keys": [
    {
      "addr": "136dDyVaR3S5zv96fdznw2V1SL6EQhNVn",
      "priv": "NxQBXB1YpUVr75i1He1SXCTWd7KdgZp79TC1EBfAcnV",
      "created_time": 0,
      "created_device_name": "javascript_web",
      "created_device_version": "1.0"
    }
  ]
}
AES 256 - Encrypted Wallet
+KtTPABoGyHjWnMN1RxFU6Kg98K5mpB+qmULalluU0JF1HXTGIERPudvxNSM2y0onYsGNFILhsTIn2Qoz4b1+lYm3iTV4g9TlW7dVUvKYsir0sWEhumdEntAsFvd7cxuzh1F/asFqEsrvs1kpgFpMSipVv/yx2qf1L5jhqPLHTno/ei+NvZHLSIXCjR2bfe0Yc13CGUKBu/+lzBTOIsliXMinHdm7KMj5Qy4bkr5Sd7nRKn8uhqVVHBGhKLICgXivLlLYt8jOTHXJpMafQJYNakxwzx4mbLo8orvtoj7l4aE6/eusTQ5YMVyNmpF4jCdTVYKOZXZTEsZIC0mqzY8/kpfQxKDL3t2S3vdPEFfK6okaleFNKMrMSMhgWyet+HpCkNCR7y4eJrV1VT8yGnPVE9Nn5rbUb1Ul098JYnhL9otA9P3QEH4+S/2m0HMuiuni/YMnx/uPrg+yRl0g9UIHZr6F8/C2zGvyVwohlwCQv5+MnNhF51ZPNBajxE4kdSaktrgbZB3r63Xj5TTrDcaFfGKOstMl3KV5jeagQSbiS7jtLLLxJmD2z9yFG3J4vpp3+HNKvLvJMYdQwZ8EXclxMJ6YkdN3iBK2rlUT0e1GDrAp+SoX3t++v4vIXxafcKYZ7nDGUqxb+uIWpZqn9pZiwHSoX3SAO6fBqBzhZjeu00O06+mJBo6SEFtcMOGo+e
10
AES 256 - Decrypted Wallet
{
  "guid": "ef577e17-490c-4840-85e3-852f97e39891",
  "sharedKey": "a4071684-bd5e-4454-9a3b-a69123e14eb2",
  "double_encryption": true,
  "dpasswordhash": "641468e16aa0aecf00f383bc28378636ad78c2c0ebde8b6cc7af6166285ea99f",
  "options": {
    "pbkdf2_iterations": 10,
    "fee_policy": 0,
    "html5_notifications": false,
    "logout_time": 600000,
    "tx_display": 0,
    "always_keep_local_backup": false,
    "transactions_per_page": 30,
    "additional_seeds": []
  },
  "keys": [
    {
      "addr": "136dDyVaR3S5zv96fdznw2V1SL6EQhNVn",
      "priv": "mXZEqzNHIQ14HbLt5b9Zj68YkW2CudYiYQ9Oisb7UPW9Tuz32evQ83vr3G89KPqyio51yDwhK2fgMsnRgqvFvA==",
      "created_time": 0,
      "created_device_name": "javascript_web",
      "created_device_version": "1.0"
    }
  ]
}
AES 256 - Encrypted Wallet
senQOh1qJSZhCpUpLXCZecu+crwTFXBwy8KEhIirB0jNi1c/X+uvmSm0NxvBQcg/3H7UDM40Onz2NoGlFiLJN83d48DS8009zh5sHdbOnnN6geXPDVoXqFDhMdxxQ1Swae/qKWZDI8Et/DYx2qUtKLyY9WKAcUjw15mRNgqz8yYoUyz/9LKXJQ/kgf5Yr6/QasoEwmJM0dqyEmvKjYsaGOKhvIuIsQHtG5joLONC9pnkzynhWHktAt2mFX5iewVRanvU5vdr+yQZm1esYN7gs+hqMHh6/X3XrL/vtHRmoNTDz4MrhpHDr6fl0kPCYjPb+SX9YRx2AM7uYn6PNMF+1lgAiX98tHKJD6yWldH8hcWyEdXEfx6++nWmwN4B2Vaj0tyn53LkxEeI6ktn0u4hf4hdTvS/pyOQwDirl7avKsLCidgo0aooFMVfYKMVQU7IA3DqMHScq3/NxGPB4Evh4rn1Bpou6WIRbm9+0fiK3C6prtcFDYz5imQKLgEDi/Du6ZNxB7lyVgGkNr46db21RGOX/6ReIaWKUmLlOqt4thrku9ka/tlQNYkzT8MK4wYbe0xsXhUqApIYQM34GKvuuQwjeJj5u6lU5OPzQpxkJB3kWrBG8Ye3+usZ/flGlwO8BxcF2RoMD1yORaA93I52Ca5RCu9LzXkpvCoRMH4RMcNPhqWsf4NAt5+pFhXGXLE1IWWqhT7OvDjRLa6pXMDAV/Bn064VZEO6weKT9Z6ZCTKn4d4YL6rKRpzkTOx/b5/UyViuX89hg6JAQhkyx1OwJRePJBWoevzs4XVSY20n8AeU+kBa4diD34debUY683QzLujeCNDR28jguyKvccrEmArlaNYGvvT/KmMheHFC7fGS7oWgsJ3oId9guOmGjAS0/VnhrpqOQ6R+lihd+7XQ==
AES 256 - Decrypted Private Key
NxQBXB1YpUVr75i1He1SXCTWd7KdgZp79TC1EBfAcnV
11
Encrypted Private Key (Second Password)
Encrypted Wallet (Main Password)
12
Unencrypted private keys are never shared with the Blockchain.info server
13
Access your Bitcoin from anywhere
14
Security is Everyone’s Responsibility
15
Mobile Wallet Attack Vectors
• Weak Password!
  ○ How many times have you heard this one?
• Social Engineering
  ○ Don’t show people your PIN code
• Phishing
  ○ Don’t open suspicious emails
  ○ Double check your address bar
  ○ Check your SSL certificates
• Machine / Device Compromise
  ○ Keyloggers
  ○ Malware & Backdoors
• Lost Device
16
Live Demo Setup and secure your Blockchain.info wallet
17
Live Demo How to steal some Bitcoins from the ‘Bitcoin Wallet’
18 © Sophos Ltd. All rights reserved.