How to counter Ram Scapers? | Bitcointalksearch.org

samson

legendary

Activity: 2097

Merit: 1070

Quote from: tl121 on January 01, 2016, 04:06:28 PM

Quote from: samson on December 28, 2015, 04:19:15 PM

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words: hardware wallet.
One word: Trezor

Yeah, these always sounded cool but something that can be programmed to what you want sounds a lot more useful.

I got one of the USB Armory devices late last year and it's pretty good.

tl121

sr. member

Activity: 278

Merit: 254

Quote from: samson on December 28, 2015, 04:19:15 PM

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words: hardware wallet.
One word: Trezor

samson

legendary

Activity: 2097

Merit: 1070

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.

DannyHamilton

legendary

Activity: 3472

Merit: 4794

Quote from: mczarnek on December 24, 2015, 02:39:53 PM

You may be right, and it would make sense, was just poking around reading about Ram Scrapers effect on Point of Sale systems

A Ram Scraper wouldn't be a problem for a bitcoin based Point Of Sale (POS) system, since the POS system shouldn't have any of the private keys. It would be a problem for an individual consumer if they had a Ram Scraper running on whatever equipment they were using to send the bitcoins, but that wouldn't effect the rest of the consumers that were paying at that same POS system. It would be up to the consumer to protect their own funds (through muti-sig, or offline transactions, or by simply managing risk by avoiding storing large amounts of bitcoin on vulnerable systems).

POS systems are a target for credit card numbers because the POS system gets to access the number of every card that is used to pay at that system. With a large scale merchant, that means that an attacker can gain thousands or even millions of credit card numbers by targeting a single POS system.

The threat model doesn't work as well for bitcoin transactions, since the attacker would need to target the specific wallet (or wallets) that they want access to.

mczarnek

hero member

Activity: 527

Merit: 503

Quote from: achow101 on December 24, 2015, 12:54:50 PM

Bitcoin core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to it unless it somehow has special permissions?

You may be right, and it would make sense, was just poking around reading about Ram Scrapers effect on Point of Sale systems and wondering how big of a deal they are. Only needs to be briefly stored for it to be an issue for RAM scrapers. Might not be possible though. Seems most modern OSs have some form of memory protection to prevent this.

Yes, offline could do it but that's quite a hassle for consumers.

DannyHamilton

legendary

Activity: 3472

Merit: 4794

Just use an offline wallet such as Armory Offline or Electrum Offline.

Then if the computer is infected with a RAM scraper, it won't be able to communicate anything it scrapes with any attacker.

achow101

staff

Activity: 3458

Merit: 6793

Just writing some code

Bitcoin core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to it unless it somehow has special permissions?

mczarnek

hero member

Activity: 527

Merit: 503

You can store the wallet.dat as encrypted as you want on the harddrive, but if you want to use it, you eventually have to decrypt it and store the private key in RAM. How can this be prevented? Is it possible to prevent other programs from spying on your RAM?

Topic: How to counter Ram Scapers? (Read 1151 times)