Author

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 264. (Read 966173 times)

hero member
Activity: 602
Merit: 508
Firstbits: 1waspoza
Love the idea!! Please sign me up for one!
Have you thought in adding the project to http://www.kickstarter.com?
I will support it if you do...

Maybe instead kickstarter use http://www.bitcoinstarter.com/ ?
legendary
Activity: 1386
Merit: 1097
How does the owner send funds outside of seed if the device has been stolen?

Device ask him to write down the seed from the display during device initialization. So user have to write it to piece of paper and lock it on safe place for the case of theft or corrupted device.
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
Edit: I'm adding a link to my earlier post about how to strenghten an USB-powered device against side-channel attacks. I know that your chip of choice lacks NEON, but please read it to the end.

Afaik these attacks are more teoretical than in daily use. I'm not saying that it is impossible to get seed with unrestricted physical access to the wallet and good laboratory equipment. But still wallet owner have enough time to send his coins outside the seed.
How does the owner send funds outside of seed if the device has been stolen?
member
Activity: 69
Merit: 20
Love the idea!! Please sign me up for one!
Have you thought in adding the project to http://www.kickstarter.com?
I will support it if you do...
legendary
Activity: 1078
Merit: 1003
Even with those theoretical attacks, real safety of such wallet is much higher than any existing solution.

No such thing as perfect security anyway. All there is are tradeoffs, you gain a bit of security but you lose convenience, you lose a bit of security but you gain a bit of convenience, finding the right balance for the right kind of circumstance is what is important.

I think this project is badly needed and I wish you success!
legendary
Activity: 1470
Merit: 1002
Hello!
Subbin

(I was trying something similar with my raspi  Wink)
legendary
Activity: 1190
Merit: 1000
www.bitcointrading.com
omg this is better than the "September announcement"!!!!
donator
Activity: 994
Merit: 1000
Afaik these attacks are more teoretical than in daily use. I'm not saying that it is impossible to get seed with unrestricted physical access to the wallet and good laboratory equipment. But still wallet owner have enough time to send his coins outside the seed.

Even with those teoretical attacks, real safety of such wallet is much higher than any existing solution.
The good laboratory equipment is required only to design the attack. Once you have the attack developed it takes very cheap equipment to implement it, because you already know how and where to look on the chip-pin waveform.

Maybe if people develop a habit of frequently connecting it their mobile phone or otherwise involve it in their daily routines their reaction to physical theft will be quick enough to prevent the logical theft of bitcoins.

Edit: Actually I recalled a bit. I believe you are located in Prague, Czechia. There's a company there called BLADOX and there was a guy called Deian or Deyan that had found some very creative ways to abuse their products.

As long as the attacker needs physical access to the chip, the keys are as secure as the dollar bills in your pocket.
legendary
Activity: 2128
Merit: 1073
Afaik these attacks are more teoretical than in daily use. I'm not saying that it is impossible to get seed with unrestricted physical access to the wallet and good laboratory equipment. But still wallet owner have enough time to send his coins outside the seed.

Even with those teoretical attacks, real safety of such wallet is much higher than any existing solution.
The good laboratory equipment is required only to design the attack. Once you have the attack developed it takes very cheap equipment to implement it, because you already know how and where to look on the chip-pin waveform.

Maybe if people develop a habit of frequently connecting it their mobile phone or otherwise involve it in their daily routines their reaction to physical theft will be quick enough to prevent the logical theft of bitcoins.

Edit: Actually I recalled a bit. I believe you are located in Prague, Czechia. There's a company there called BLADOX and there was a guy called Deian or Deyan that had found some very creative ways to abuse their products.
legendary
Activity: 1386
Merit: 1097
I'd be happy to implement the necessary software support on the Android side!

C codes for the device will be open source, so you'll be more than welcome to play with it. At this point, we're focusing to get prototype alive, so make code able to cross-compile for ADK isn't on top of our priority list.
legendary
Activity: 1386
Merit: 1097
Edit: I'm adding a link to my earlier post about how to strenghten an USB-powered device against side-channel attacks. I know that your chip of choice lacks NEON, but please read it to the end.

Afaik these attacks are more teoretical than in daily use. I'm not saying that it is impossible to get seed with unrestricted physical access to the wallet and good laboratory equipment. But still wallet owner have enough time to send his coins outside the seed.

Even with those teoretical attacks, real safety of such wallet is much higher than any existing solution.
hero member
Activity: 483
Merit: 551
Very nice project!

If this hardware would be designed as an ADK (Android Accessory Development Kit) device, it could be connected to virtually every phone with at least Android 2.3.3 installed and be used with Bitcoin Wallet.

I think ADK support is optional, so the same device could be connected to a PC as originally intended.

I'd be happy to implement the necessary software support on the Android side!
legendary
Activity: 2128
Merit: 1073
http://www.nxp.com/documents/application_note/AN10968.pdf

Chapter 3 (page 4) describes security level of the chip we currently want to use. Do you know about some cheap and quick solution how to skip this protection and read the seed from the device?

It is probably possible to read memory with high level laboratory equipment, but purpose of seed protection is that attacker need some time to read memory, so original owner can reload the seed to another device and send his coins out of compromised seed.
I'm personally out of the hardware design business for many years now.

But people like http://www.mcu-reverse.com/ could give an estimate.

Now that you've given the intended part number interested people can look up the information about various side-channel attacks on those chips. From a brief description of your intended deterministic wallet design I presume that it will be sufficient to exfiltrate only 512 bits to empty the whole wallet.

Thank you very much for your disclosure.

Edit: I'm adding a link to my earlier post about how to strenghten an USB-powered device against side-channel attacks. I know that your chip of choice lacks NEON, but please read it to the end.

https://bitcointalksearch.org/topic/m.931995

legendary
Activity: 1386
Merit: 1097
Slush, would you kindly ask Mr. stick for additional information to substantiate the above claim?

http://www.nxp.com/documents/application_note/AN10968.pdf

Chapter 3 (page 4) describes security level of the chip we currently want to use. Do you know about some cheap and quick solution how to skip this protection and read the seed from the device?

It is probably possible to read memory with high level laboratory equipment, but purpose of seed protection is that attacker need some time to read memory, so original owner can reload the seed to another device and send his coins out of compromised seed.
legendary
Activity: 2128
Merit: 1073
* Impossibility to obtain private keys from the device in a case of theft
Everything looks very nice, with the exception of this one point.

Probably an average pirate TV-decoder-card vendor would be able to retrieve the private keys.

Slush, would you kindly ask Mr. stick for additional information to substantiate the above claim?

Thanks.
legendary
Activity: 1386
Merit: 1097
Nice! Are you planning on creating a company to sell these products? Do you need seed money for prototype development?

Project is in too early stage to tell this. For now we're focused to creating the device. We already have enough money for make device prototypes. We'll discuss detailed plan for funding and selling final product later.
legendary
Activity: 1386
Merit: 1097
Wasn't there a project that was announced a year ago that failed miserably... "ellet"?

I know about ellet. The problem was that they took quite a bigger challenge than they could handle.
legendary
Activity: 1386
Merit: 1097
Would you describe how a standard transaction would take place?

1. You connect the device into the USB and run Bitcoin wallet software
2. It automatically recognizes the device (by matching VendorID and ProductID of USB bus)
3. Software ask for master public key. Then it will be able to show your addresses and their balances.
4. When you want to send some coins, software creates template of bitcoin transaction and send it to wallet device.
5. Device displays transaction summary on its display and ask you to confirm transaction by pressing hardware button
6. Device signs transactions using private key stored in the device and sends signed transaction to desktop software.
7. Desktop software sends signed transaction to the bitcoin network.
legendary
Activity: 2058
Merit: 1005
this space intentionally left blank
Wasn't there a project that was announced a year ago that failed miserably... "ellet"?
I for one wish you the best of luck.
hero member
Activity: 752
Merit: 500
bitcoin hodler
sounds great, looking forward to seeing more information!
Jump to: