Pages:
Author

Topic: Bitcoin and Smart Cards (Read 5128 times)

hero member
Activity: 715
Merit: 500
Bitcoin Venezuela
May 25, 2013, 10:45:29 AM
#34
I'm not sure what you mean by "verified through an API"... at the time of the payment, the merchant must ensure that the payment comes from a smartcard that is running the correct software that doesn't leak the private keys or allow double spending. The merchant terminal also needs to be online in order to post the transaction to the Bitcoin network, so verifying the address is just an HTTP call to the "green address" list server (or servers).

Also, the split-key scenario must be very carefully designed to prevent the user from reassembling the private key outside the card. Otherwise the user could simply do the double spend from another device loaded with the reassembled private key.

I think I've read that SmartCards do protect the content on them, I don't think you can take information from them if they are not programmed for that purpose. The Bitcoin Card (that vimeo video on the web) could be an example. I don't know much about those cards.
full member
Activity: 191
Merit: 100
May 25, 2013, 05:38:11 AM
#33
I'm not sure what you mean by "verified through an API"... at the time of the payment, the merchant must ensure that the payment comes from a smartcard that is running the correct software that doesn't leak the private keys or allow double spending. The merchant terminal also needs to be online in order to post the transaction to the Bitcoin network, so verifying the address is just an HTTP call to the "green address" list server (or servers).

Also, the split-key scenario must be very carefully designed to prevent the user from reassembling the private key outside the card. Otherwise the user could simply do the double spend from another device loaded with the reassembled private key.
hero member
Activity: 715
Merit: 500
Bitcoin Venezuela
May 24, 2013, 08:24:09 PM
#32
You mean something like this: https://bitcointalksearch.org/topic/prevent-double-spend-by-using-smartcard-hardware-wallets-190046 ? I like the split-key generation idea, however that would require the issuer to remain in business for at least as long as the cards are used. If the keys are generated on the card, the user loses the ability to recover his funds if the card is lost / stolen / destroyed, but the issuer only needs to publish a list of "green addresses" - the ones belonging to the cards that have been issued. That list can be mirrored and re-published by anyone. If the issuer goes out of business, all previously "green" addresses remain "green" forever and cards can still be sold to users, they just won't be listed anywhere so they'll only work as regular Bitcoin addresses, not "green addresses".

The idea is to be sure the buyer will not double spend. If the Issuer dissappear (and is and honest company) they can publish all the key part they have with the addresses associated and then Users will be able to get their priv-key. But I think spending the funds to one address to left the SmartCard in a trash can because the Issuer doesn't existe anymore would be easier.

I don't think the User's addresses need to be listed as "green addresses" if an User pays with one of those SmartCards and the reader is from the comany too, the address can be verified trough an API, or there's no need even for that. That SmartCard will only work with official readers. So the User can pay and go!

--
rdymac
full member
Activity: 191
Merit: 100
May 24, 2013, 07:46:38 PM
#31
You mean something like this: https://bitcointalksearch.org/topic/prevent-double-spend-by-using-smartcard-hardware-wallets-190046 ? I like the split-key generation idea, however that would require the issuer to remain in business for at least as long as the cards are used. If the keys are generated on the card, the user loses the ability to recover his funds if the card is lost / stolen / destroyed, but the issuer only needs to publish a list of "green addresses" - the ones belonging to the cards that have been issued. That list can be mirrored and re-published by anyone. If the issuer goes out of business, all previously "green" addresses remain "green" forever and cards can still be sold to users, they just won't be listed anywhere so they'll only work as regular Bitcoin addresses, not "green addresses".
newbie
Activity: 31
Merit: 0
May 22, 2013, 07:07:44 PM
#30
watching this thread..

I thought maybe a usb computer stick would make a nice prototype such as a teensy, these do probably not lock the key that well in case of theft, but I'd be okay with that. Just want a small thing I could charge with a few btc's and carry around to different computers.



FYI, I setup this page to gather resources on how to achieve this goal:
https://en.bitcoin.it/wiki/Smart_card_wallet



Am I late to the party? Smiley

I though O was thinking on something new! But clearly I wasn't. Almost everything I thought is already on that wiki page (with not only words as I did) except for one thing.

I have something to add: If the merchanr have to wait for 6 confirmations then this card is practically useless, also if the wallet is deterministic for it to be recoverable; again it merchants would need to wait for 6 confirmations to avoid double-spend attempts.

But if the merchant has for sure that the Smart Card user can't spend the coins twice, he can let the buyer go with even none confirmation.

For this to happen the user shouldn't know the private key that Smart Card is carrying (it can't be taken from the card on any way). To aproach this, without losing the chance to recover the funds in xase the Smart Card is stolen, the private key need to be created in a vanitygen way, where one carries part of the key and the other keeps the other part, but both are only combined securely inside the card.

For example:

The User purchase the Smart Card from a Issuer. Then in a registration procces the users gets a part of the key and the Issuer the other part, so the Issuer insert his part in the un-configured Smart Card. The Issuer sends the Smart Card to the User's house, he insert his part and the private key is generated securely inside the Smart Card.

The private key never see the light, it is stored securely inside the Smart Card. In case the Smart Card is stolen or destroyed, the User can enter his key part in the Issuer website (encripted/hashed I think), sending a request for the other part to the Issuer, and generate the private key to recover its funds. This process would take 24 hours, so any pending transaction gets confirmed. Any merchant can accept payments this way without havin to wait for any confirmation because he knows that it is not possible to double-spend with that SmartCard.
legendary
Activity: 1896
Merit: 1353
February 08, 2012, 11:37:47 AM
#29
Any progress on this? This seems to me to offer the highest practically attainable security. If someone has to steal the card in order for me to lose the coins, it's good enough for me.

in December, slush talked about implementing an Electrum client in a USB stick with a small screen
legendary
Activity: 980
Merit: 1008
February 08, 2012, 11:24:09 AM
#28
Any progress on this? This seems to me to offer the highest practically attainable security. If someone has to steal the card in order for me to lose the coins, it's good enough for me.
hero member
Activity: 714
Merit: 500
November 09, 2011, 04:19:17 AM
#27
How does this go?
legendary
Activity: 1896
Merit: 1353
November 09, 2011, 04:03:46 AM
#26
watching this thread..

I thought maybe a usb computer stick would make a nice prototype such as a teensy, these do probably not lock the key that well in case of theft, but I'd be okay with that. Just want a small thing I could charge with a few btc's and carry around to different computers.



FYI, I setup this page to gather resources on how to achieve this goal:
https://en.bitcoin.it/wiki/Smart_card_wallet

full member
Activity: 354
Merit: 103
November 09, 2011, 03:54:24 AM
#25
watching this thread..

I thought maybe a usb computer stick would make a nice prototype such as a teensy, these do probably not lock the key that well in case of theft, but I'd be okay with that. Just want a small thing I could charge with a few btc's and carry around to different computers.

sr. member
Activity: 308
Merit: 250
October 04, 2011, 08:29:32 AM
#24
The same way bitcoin handles it now.  You empty the entire contents of the private key, and give the remainder to a different PUBLIC address in the same wallet.  Then even if they get the private key, who cares, there's nothing left in that address.

Swing and a miss. Smartcards don't generally divulge keys (that's pretty much the whole point of them), and I said nothing about divulging keys being the issue.
hero member
Activity: 793
Merit: 1026
October 04, 2011, 07:31:12 AM
#23
I am by no means an expert in smart cards at all, but I think the chief problem with this approach is that you still have to trust the device reading it. Correct me if I'm mistaken:

Say we're in the future where we can carry our Bitcoin wallet around on a smartcard. I go to Meze Grill, order something delicious and stick my card in the card reader. It asks me to agree to the 0.5BTC or whatever the future price of something tasty is, I tap "yes", it passes the transaction to my smart card and asks it to sign the transaction, before pushing it to the network.

Assuming I'm not misunderstanding something, so far so good.

Now what if the reader is compromised some way? With a smart card approach, there's absolutely no readout or anything of that nature that I can trust. The reader might ask me to agree to 0.5BTC and then ask my smart card to sign a transaction for 50BTC. The risk is reduced at brick and mortar businesses, but it's still there.

The risk is also there for credit cards of course, but drastically reduced because you can charge back credit card transactions that are fraudulent - you can't charge back Bitcoin (that's one of it's charms).

I definitely think pocket-wallet devices are a possible future for Bitcoin, but without them having a readout of the amount I don't think it'll work... and unless I'm mistaken they don't make smartcards with neat little screens on them. Sad

The same way bitcoin handles it now.  You empty the entire contents of the private key, and give the remainder to a different PUBLIC address in the same wallet.  Then even if they get the private key, who cares, there's nothing left in that address.
legendary
Activity: 1896
Merit: 1353
October 03, 2011, 06:45:38 AM
#22
I setup this wiki page, in order to gather information:
https://en.bitcoin.it/wiki/Smart_card_wallet

please let me know if you are interested
newbie
Activity: 14
Merit: 0
June 22, 2011, 01:23:34 AM
#21
The exchanges should offer smart cards to secure account. If it is applied to a wallet that might be interesting.
I agree, with the crypto card approach additional cost for this for almost nothing.
kjj
legendary
Activity: 1302
Merit: 1026
June 22, 2011, 01:15:16 AM
#20
Ah, you started with the retail terminal scenario; I started with the scenarios in use today thinking it could be expanded to those if the cost could get down low enough.

If I were to start with the terminal scenario I would have still do a smart card for form factor and cost reasons; implementation wise I would do a custom card applet that implements the bit coin wallet, communicated with a secured pin entry device (ped) or had onboard display and input mechanisms.

The approach you mention would work but I don't know if it could ever be scaled out to a currency card in a cost effective manner.

That said our two lines of thinking are compatible.

Actually, I started by thinking of ways to get my keys off of my home box, and ways to make sure they never ever had to be exposed to a hostile environment (disregarding loss of possession for now).  Once I got going a little bit, I realized that it would work just as well at a retail POS as it would in my home.

You are probably right that it wouldn't be cost effective for the masses.  I'm thinking around $100 in parts for the first crude ugly prototype, plus many hours of labor.  I'm sure plenty of people here would pay that much, or double that, but we are not typical.
full member
Activity: 154
Merit: 100
June 22, 2011, 12:58:14 AM
#19
The exchanges should offer smart cards to secure account. If it is applied to a wallet that might be interesting.
newbie
Activity: 14
Merit: 0
June 22, 2011, 12:57:00 AM
#18
That's interesting. But consider making it a Bitcoin ready multipayment device. Let's say you can store credentials for credit/debit cards, with all kinds of fancy features that justify the price of the device, but that it so happens to be able to store Bitcoin transaction keys and the means to use them in a transaction with security appropriate for carrying around daily spending amounts. It could provide a back-door for Bitcoin spending from a device that people are already carrying around.

It is one thing to provide enough support for doing a transaction through a reader. Maybe this is setting the bar a little high, but what if there were a way to transfer between Bitcoin and other payment methods right on the card? Let's say you are where you can only pay with a Visa/MC but most of your funds are in BTC. You could make a transfer on the card from BTC to a Visa/MC balance and then make your pruchase. The merchant doesn't even need to know anything about Bitcoin. Perhaps it could be as seamless as a single transaction...

I don't disagree one however requires much more technical and business work than the other and while it would enable new scenarios in the mean time the platform risks still remain.

It may turn out that there is insufficient interest to justify even the most basic project which would still be a significant financial investment if one was to make it scale to the community in an economical and usable way.

My thinking was crawl, walk, run.

Get the keys and wallet-into a crypto device, move much of the client into such a device, build pos infrastructure and account scenarios.... You get the idea....

I should add that at least for us users it's trivial to encode the credit card data into a mag stripe on the back of the card but the issuers would through a hissy fit; in the eu this would be very problematic for technological reasons also.
newbie
Activity: 14
Merit: 0
June 22, 2011, 12:54:43 AM
#17
That's interesting. But consider making it a Bitcoin ready multipayment device. Let's say you can store credentials for credit/debit cards, with all kinds of fancy features that justify the price of the device, but that it so happens to be able to store Bitcoin transaction keys and the means to use them in a transaction with security appropriate for carrying around daily spending amounts. It could provide a back-door for Bitcoin spending from a device that people are already carrying around.

It is one thing to provide enough support for doing a transaction through a reader. Maybe this is setting the bar a little high, but what if there were a way to transfer between Bitcoin and other payment methods right on the card? Let's say you are where you can only pay with a Visa/MC but most of your funds are in BTC. You could make a transfer on the card from BTC to a Visa/MC balance and then make your pruchase. The merchant doesn't even need to know anything about Bitcoin. Perhaps it could be as seamless as a single transaction...

I don't disagree one however requires much more technical and business work than the other and while it would enable new scenarios in the mean time the platform risks still remain.

It may turn out that there is insufficient interest to justify even the most basic project which would still be a significant financial investment if one was to make it scale to the community in an economical and usable way.

My thinking was crawl, walk, run.

Get the keys and wallet-into a crypto device, move much of the client into such a device, build pos infrastructure and account scenarios.... You get the idea....
newbie
Activity: 14
Merit: 0
June 22, 2011, 12:49:36 AM
#16
I've been thinking about wallet security too.  I think a second device is a good idea, but I see it working in a different way.

I see a portable dedicated device with very limited communications ability.  Just a serial port will do, which probably means serial over USB or serial over bluetooth.  It will also have a SD card socket for wallet backups.

The device will generate the key pairs, and store them.  The private key never leaves the device, except on the SD card backup, which could be encrypted.

I think it only needs 3 hooks into the PC client software.

1) It needs to be able to push public keys to the client.
2) It needs to be able to ask for (and receive) balance updates from the client.
3) It needs to be able to accept an address from the client, and generate a complete transaction to that address using an amount entered on a keypad.  (Or possibly accept an address and amount, then only ask for confirmation.)

I think this could help with the retail problem too; no reason why you couldn't plug it into a potentially hostile terminal.

I'm thinking Arduino.  It should already have all of the crypto libraries necessary, plus hookups for serial, USB, BT, and SD cards.  Probably going to order some hardware this week to get started.

I started with the assumption that my box is owned, and every retail terminal is owned (which is true, since they are literally owned by someone other than me).

You plug into your home computer or a retail POS, and the computer sends a payment request.  The device displays the address and amount, you press yes or no.  The device then generates a transaction, or doesn't.

Point 4 through 6 are unnecessary in this scenario, since I'm not worried (yet) about the device getting lost or stolen.  The only problem I'm looking to solve right now is the malware stealing your keys problem.

Ah, you started with the retail terminal scenario; I started with the scenarios in use today thinking it could be expanded to those if the cost could get down low enough.

If I were to start with the terminal scenario I would have still do a smart card for form factor and cost reasons; implementation wise I would do a custom card applet that implements the bit coin wallet, communicated with a secured pin entry device (ped) or had onboard display and input mechanisms.

The approach you mention would work but I don't know if it could ever be scaled out to a currency card in a cost effective manner.

That said our two lines of thinking are compatible.
kjj
legendary
Activity: 1302
Merit: 1026
June 22, 2011, 12:35:22 AM
#15
I've been thinking about wallet security too.  I think a second device is a good idea, but I see it working in a different way.

I see a portable dedicated device with very limited communications ability.  Just a serial port will do, which probably means serial over USB or serial over bluetooth.  It will also have a SD card socket for wallet backups.

The device will generate the key pairs, and store them.  The private key never leaves the device, except on the SD card backup, which could be encrypted.

I think it only needs 3 hooks into the PC client software.

1) It needs to be able to push public keys to the client.
2) It needs to be able to ask for (and receive) balance updates from the client.
3) It needs to be able to accept an address from the client, and generate a complete transaction to that address using an amount entered on a keypad.  (Or possibly accept an address and amount, then only ask for confirmation.)

I think this could help with the retail problem too; no reason why you couldn't plug it into a potentially hostile terminal.

I'm thinking Arduino.  It should already have all of the crypto libraries necessary, plus hookups for serial, USB, BT, and SD cards.  Probably going to order some hardware this week to get started.

I started with the assumption that my box is owned, and every retail terminal is owned (which is true, since they are literally owned by someone other than me).

You plug into your home computer or a retail POS, and the computer sends a payment request.  The device displays the address and amount, you press yes or no.  The device then generates a transaction, or doesn't.

Point 4 through 6 are unnecessary in this scenario, since I'm not worried (yet) about the device getting lost or stolen.  The only problem I'm looking to solve right now is the malware stealing your keys problem.
Pages:
Jump to: