securing your bitcoins - kitten tofu
DESCRIPTION
How to secure your bitcoins. This technical presentation by Kitten Tofu is at a medium-advanced level for those who are deeply involved in bitcoin. This was presented at the Bitcoin Barcamp in Sydney on 15th March 2014. To view the full talk or find more presentations from Australia's first pop-up unConference on cryptocurrency innovation, go to www.bitcoinbarcamp.org
TRANSCRIPT
Securing your Bitcoins
Kitten Tofu
Hello!
• Kitten Tofu
• Cryptocurrency enthusiast since 2011
• Worked in infosec for a couple years
• Full time cryptocurrency researcher
This Talk
I want you to interrupt me.
This Talk
• Entropy
• Use Cases and Adversaries
• blockchain.info client
• Offline Wallets
• m of n signature schemes
• BIP32 (“HDWallets”)
• Network Architecture
• Malleability
Entropy
• Measure of “randomness”
• Usually expressed as the number of bits

• Pick truly random passphrases
• Google for “diceware”
Use cases + Adversaries
• Short Term / Easy Access / “hot wallet”
• Long Term / Savings / “cold storage”

• Somebody who has physical access to you
• Some random hacker on the internet
blockchain.info
• Client side encryption, however...
• Google for “matasano javascript”
• Enable 2 factor authentication
Offline Wallets
• Private keys on an air gapped computer
[Diagram, built up over four slides. Boxes: Offline Computer, Online Computer, Internet. Labels added in order: Private Keys, Public Keys, Unsigned Transaction, Signed Transaction]
Offline Wallets
Armory makes this easy
Offline Wallets
• Encrypt properly
• Watch out for USB viruses
m of n “multisig” transactions
• BIP 11, Gavin Andresen
• blockchain.info implements this
• DIY: Shamir’s secret sharing scheme
• Good for shared accounts
• Mitigation against losing access
BIP32 - HD Wallets
• Create two “extended keys”
• One for public keys
• One for private keys
• Child Key Derivation (CKD)
• Given one of these extended keys, you can derive any of 2^32 - 1 “children”
BIP32 - HD Wallets
Addition (+) of two coordinate pairs is defined as application of the EC group operation
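The child key derivation from these two BIP32 slides, restricted to non-hardened children, as an added example (not code from the talk or from any wallet). The secp256k1 arithmetic is plain Python and not constant time; the function names and the fixed seed are assumptions chosen for illustration.

```python
import hashlib, hmac

# secp256k1 domain parameters
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """The EC group operation on affine points; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % P, -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt=G):
    """Double-and-add scalar multiplication (demo only, not constant time)."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def tweak(K_par, chain, i):
    """I = HMAC-SHA512(chain, serP(K_par) || ser32(i)); returns (I_L, child chain code)."""
    if i >= 2**31:
        raise ValueError("hardened child: needs the parent private key")
    data = bytes([2 + (K_par[1] & 1)]) + K_par[0].to_bytes(32, "big") + i.to_bytes(4, "big")
    I = hmac.new(chain, data, hashlib.sha512).digest()
    return int.from_bytes(I[:32], "big"), I[32:]

def ckd_priv(k_par, chain, i):
    """Private parent -> private child: k_i = (I_L + k_par) mod n."""
    il, c_i = tweak(ec_mul(k_par), chain, i)
    return (il + k_par) % N, c_i

def ckd_pub(K_par, chain, i):
    """Public parent -> public child: K_i = point(I_L) + K_par, no private key used."""
    il, c_i = tweak(K_par, chain, i)
    return ec_add(ec_mul(il), K_par), c_i

# Constructed sample parent (not from the talk): key and chain code from a fixed seed.
_I = hmac.new(b"Bitcoin seed", bytes(range(16)), hashlib.sha512).digest()
K_PRIV, CHAIN = int.from_bytes(_I[:32], "big"), _I[32:]
K_PUB = ec_mul(K_PRIV)
```

For every index below 2^31, `ec_mul(ckd_priv(K_PRIV, CHAIN, i)[0])` equals `ckd_pub(K_PUB, CHAIN, i)[0]`, which is what lets an online machine holding only the extended public key generate receiving addresses. The same linearity means a leaked non-hardened child private key together with the parent extended public key gives away the parent private key, so BIP32 also defines hardened children (index 2^31 and above) that cannot be derived from the public side.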
Architecture
• Online gambling website / exchange
• Online shop
Architecture
[Diagram. Labels: Web Server, Hot Wallet, Internet, Cold Wallet, Manually processing gateway, Private Key Generator (twice), Public Key Generator]
Architecture
[Diagram. Labels: Web Server, Internet, Cold Wallet, Manually processing gateway, Public Key Generator, Private Key Generator]
Malleability
• Your exact transactions are not the only transactions that can spend your funds
• Not as bad as it sounds, just don’t rely on your txids making it into the blockchain