Pages:
Author

Topic: Default encryption for wallet.dat (Read 5020 times)

legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
June 29, 2011, 11:06:43 AM
#22
I have had a slight change of heart on this topic:

A miner does not need a decrypted wallet.dat because it is possible to make a wallet-less miner

Quote from: phillipsjk
A miner just needs to know an address to send the coins to as well as a source of entropy (such as intermittent network connections). The miner then generates a throw-away private key/address pair. Upon coin creation, the coins are spent in the same transaction block to the destination address. As has been noted in other threads, the destination wallet does not even have to be on an Internet-connected computer.
Edit: To avoid refunded coins (and a non-empty virtual wallet), Transaction fees should be payed out of fees paid to the miner in the transaction block; likely (approximating) a user-configurable percentage. Errata: miner processing the transaction can decide which transactions are included or not: no fees necessary.
jr. member
Activity: 42
Merit: 2
June 24, 2011, 09:10:02 AM
#21
Well, I was thinking of mechanism that uses the so-called "Trusted Computing Module" in your motherboard, or uses a secure key generated by your CPU's unique private key.

I think this could be a problem if something goes wrong with the CPU or motherboard the wallet might not be able to be unencrypted.

-Dukejer
sr. member
Activity: 434
Merit: 252
youtube.com/ericfontainejazz now accepts bitcoin
June 23, 2011, 07:14:09 PM
#20
This will trash tons of bitcoins because of users forgetting their passwords.

Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.

How do you keep this unique code from the hackers?  If they can access your wallet.dat, they can get at this code too.

Well, I was thinking of mechanism that uses the so-called "Trusted Computing Module" in your motherboard, or uses a secure key generated by your CPU's unique private key.
full member
Activity: 182
Merit: 100
June 23, 2011, 09:51:56 AM
#19
This will trash tons of bitcoins because of users forgetting their passwords.

Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.

How do you keep this unique code from the hackers?  If they can access your wallet.dat, they can get at this code too.
hero member
Activity: 686
Merit: 501
Stephen Reed
June 23, 2011, 09:50:48 AM
#18
The problem of lost passwords for default-encrypted wallet.dat files is already solved by existing online password storage services...

For example: http://www.passpack.com/en/home/

One can easily image an entrepreneur on this forum offering such a service tailored for, and marketed to, bitcoin clients.
sr. member
Activity: 434
Merit: 252
youtube.com/ericfontainejazz now accepts bitcoin
June 23, 2011, 09:13:47 AM
#17
This will trash tons of bitcoins because of users forgetting their passwords.

Maybe each bitcoin client could have a unique code built in to decrypt with by default so that the wallet.dat stays encrypted on the hard drive but users wouldn't need to remember their password if they use their same client.
jr. member
Activity: 42
Merit: 2
June 23, 2011, 09:02:11 AM
#16
Whenever new private keys are generated they should mandatory have the option to send the keys to a removable device unencrypted clear text for safe keeping.  Then the private keys in the wallet should be encrypted in the wallet and in memory and only unencrypted at the time Bitcoins are sent.   If someone forgets their password they should be able to re-import the private key from a removable device and then set a new password on the private keys for the wallet.

-Dukejer.
full member
Activity: 126
Merit: 100
June 23, 2011, 08:55:44 AM
#15
I would build in default encryption using a strong algorithm such as AES, with options to switch to other types of encryption if the user desires.  Having an unencrypted wallet is like having a car with no locks. :/ Thieves are still responsible when they steal, but you sure posted a welcome sign on the door!  Until this flaw in the Bitcoin software is fixed, I've put my wallet (still empty, but not for much longer) on a purpose-build Jetico Bestcrypt volume, along with the Bitcoin program, and protected it with a unique passphrase of unusual length.  That's a nuisance, but a whole lot safer than otherwise.  Please note that even an encrypted volume doesn't protect you against a password-stealing trojan or other types of malware; that's why I favor having the Bitcoin software do encryption on the fly.  It can protect your wallet better than just using a third-party encryption program.  However, third-party is better than nothing.

For those who prefer to support open source, Truecrypt works as well for this purpose.  I've been using Bestcrypt since the late 1990s, when Truecrypt wasn't even a gleam in anybody's eye, and trust it, so I've stuck with it. Wink
full member
Activity: 168
Merit: 100
God creats math and math creats bitcoin.
June 23, 2011, 08:46:15 AM
#14
You know what, I guess Gavin will chose the last one. He didn't think the encrypt would be his first priority, which was mentioned in one of his blog after the heist of 25k bitcoin.
hero member
Activity: 868
Merit: 1000
June 23, 2011, 08:36:07 AM
#13
Just tossing in an idea.

What if the user instead of using a password used a private key that was saved separately from the wallet.dat? This private key would be needed to decrypt the wallet when the user wanted to use an adress in the wallet. That way, if the attacker got a encrypted wallet.dat, he would be unable to decrypt it without the proper private key.

Preferably the client would show the user a screen for proper handling of private keys and wallet once the client starts up, or preferabbly the first few times, and then later with random intervals. Perhaps a bit annoying, but many people will put convenience over security and not care about securing their wallet, so perhaps reminding them more often would help? There could also be an option screen where this could be turned off perhaps.

The private key could then be stored on for example an usb disk or a mobile phone, and just be inserted every time you needed to do a transaction.

I do not propose to have the final solution to these issues, as I know people are lazy, forgets easily and a lot of users will forget to back up their private key, or misplace it. I am sure we will see a lot of services and ways to keep the wallet.dat safe pop up in the coming months.

But as it is now, and as many people have said, getting access to anyone's coins now is just a matter of getting their wallet.dat just like a physical wallet, but unlike a physical wallet, a bitcoin wallet can exist in many copies. In the event an encrypted wallet that's encrypted with either a password or a private key is stolen, the wallet owner should have enough time to transfer the bitcoins to a new wallet if he notices this has happened, and even if he notices it has happened and he does nothing about it, it is highly unlikely that the attacker will be able to decrypt the wallet he got if it is secured with a very strong password or a very strong private key.

So, in my view, encryption of the wallet.dat will prevent some bitcoins from being stolen, but perhaps even more bitcoins will be lost from people forgetting about their passwords or private keys? But I am sure there will spring up companies that take security very seriously and that will hold your private keys for you. I can think of a company which sole purpose is to hold private keys for users, but not handling their wallets. Then it would be nearly impossible for such a company to compromise the wallets of any of its clients, because they do not know which private key belongs to which wallet, so storing keys and wallets separately could be a good idea.

Well, that's some rant from me, and I am not a crypto-expert and I am not an expert on user behavior, but is very obvious that no matter the solution we chose to adapt, there will always be cons and pros.
jr. member
Activity: 56
Merit: 1
June 23, 2011, 07:46:47 AM
#12
The developers are already working on this, of course, and it is a priority for the next release.

You can follow their progress here:

https://github.com/bitcoin/bitcoin/pull/232
member
Activity: 84
Merit: 10
June 23, 2011, 07:44:18 AM
#11
Encryption as an option in the client is what I would recommend. If you want to encrypt then you can. If not, then you don't have to.

Lets face it, security is a major problem for bitcoin. If bitcoin is to go mainstream then the average joe needs to know that their wallet is secure. Encryption is one way of solving that (even if its a mirage).

The primary value of money is derived from faith in the currency. Faith that it will hold its value and faith that the merchant up the street will accept it.
legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
June 23, 2011, 07:21:47 AM
#10
Well better than wallet stole by trojans...
full member
Activity: 168
Merit: 103
June 23, 2011, 07:16:56 AM
#9
This will trash tons of bitcoins because of users forgetting their passwords.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
June 21, 2011, 11:53:02 PM
#8
Encryption will lead to data-loss when users forget their paswords passphrase after 3-300 months.

The other extreme would be the users using "12345678" as their password: giving them little protection.

That said, leaving the wallet.dat unencrypted complicates securely backing up the wallet.dat. If the Drive is not using full-disk encryption, it is too easy to leave clear-text versions scattered around the disk as well.

Edit: a (solo) miner needs to use an unencrypted wallet.dat (or more accurately, as least 1 unencrypted private key) to generate the 50 coins they pay themselves when generating a block. Just as important as encryption options may be wallet-splitting options.
member
Activity: 85
Merit: 10
June 21, 2011, 11:51:11 PM
#7
A developer stated this actually would be their priority for the next version
full member
Activity: 196
Merit: 101
June 21, 2011, 11:46:35 PM
#6
Is here a developer of the default client?  Could that be implemented in the next release?

It's open source. Maybe you could implement it and submit a pull request?
newbie
Activity: 62
Merit: 0
June 21, 2011, 11:44:20 PM
#5
Is here a developer of the default client?  Could that be implemented in the next release?
full member
Activity: 168
Merit: 103
June 18, 2011, 12:17:59 PM
#4
I don't want it to be encrypted actually, but I want that feature to be there for others.
hero member
Activity: 695
Merit: 502
PGP: 6EBEBCE1E0507C38
June 18, 2011, 12:16:48 PM
#3
I already remember passwords for friends and family what's one more.
Pages:
Jump to: