Topic: How to counter Ram Scrapers? (Read 1151 times)

legendary
Activity: 2097
Merit: 1070
January 01, 2016, 04:11:07 PM
#8
Three words: Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something, like a transaction for example, the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSMs can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the system's RAM, ever.

There's a little Linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words: hardware wallet.
One word: Trezor

Yeah, these always sounded cool but something that can be programmed to do what you want sounds a lot more useful.

I got one of the USB Armory devices late last year and it's pretty good.

sr. member
Activity: 278
Merit: 254
January 01, 2016, 04:06:28 PM
#7
Three words: Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something, like a transaction for example, the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSMs can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the system's RAM, ever.

There's a little Linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words: hardware wallet.
One word: Trezor
legendary
Activity: 2097
Merit: 1070
December 28, 2015, 04:19:15 PM
#6
Three words: Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something, like a transaction for example, the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSMs can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the system's RAM, ever.

There's a little Linux USB computer named the 'USB Armory' which could be used to create something like this.
legendary
Activity: 3472
Merit: 4794
December 24, 2015, 04:50:34 PM
#5
You may be right, and it would make sense, was just poking around reading about RAM scrapers' effect on Point of Sale systems

A RAM scraper wouldn't be a problem for a bitcoin-based Point of Sale (POS) system, since the POS system shouldn't have any of the private keys. It would be a problem for an individual consumer if they had a RAM scraper running on whatever equipment they were using to send the bitcoins, but that wouldn't affect the rest of the consumers that were paying at that same POS system. It would be up to the consumer to protect their own funds (through multi-sig, or offline transactions, or by simply managing risk by avoiding storing large amounts of bitcoin on vulnerable systems).

POS systems are a target for credit card numbers because the POS system gets to access the number of every card that is used to pay at that system.  With a large scale merchant, that means that an attacker can gain thousands or even millions of credit card numbers by targeting a single POS system.

The threat model doesn't work as well for bitcoin transactions, since the attacker would need to target the specific wallet (or wallets) that they want access to.
hero member
Activity: 527
Merit: 503
December 24, 2015, 02:39:53 PM
#4
Bitcoin Core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to them unless they somehow have special permissions?

You may be right, and it would make sense, was just poking around reading about RAM scrapers' effect on Point of Sale systems and wondering how big of a deal they are. Only needs to be briefly stored for it to be an issue for RAM scrapers. Might not be possible though. Seems most modern OSs have some form of memory protection to prevent this.

Yes, offline could do it but that's quite a hassle for consumers.
legendary
Activity: 3472
Merit: 4794
December 24, 2015, 01:14:32 PM
#3
Just use an offline wallet such as Armory Offline or Electrum Offline.

Then if the computer is infected with a RAM scraper, it won't be able to communicate anything it scrapes with any attacker.
staff
Activity: 3458
Merit: 6793
Just writing some code
December 24, 2015, 12:54:50 PM
#2
Bitcoin Core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to them unless they somehow have special permissions?
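
The "decrypt briefly, use, then remove" pattern and the memory-isolation question from the post above, as an added example that is not part of the thread and is not Bitcoin Core's code. It assumes Linux; every function name is hypothetical, and the XOR steps are a constructed stand-in for real decryption and signing.

```c
#include <stddef.h>
#include <sys/mman.h>
#include <sys/prctl.h>

#define KEY_LEN 32
static unsigned char key_buf[KEY_LEN]; /* the only place the plaintext key lives */

/* Zero through a volatile pointer so the compiler cannot drop the stores
 * as dead writes once the buffer is no longer read. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Linux process hardening; returns a bitmask of what succeeded.
 * bit 0: non-dumpable, so no core dumps and no ptrace attach or
 *        /proc/<pid>/mem access from unprivileged same-user processes
 * bit 1: key buffer locked in RAM, so it is never written to swap */
int harden(void) {
    int ok = 0;
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) == 0) ok |= 1;
    if (mlock(key_buf, sizeof key_buf) == 0) ok |= 2; /* can hit RLIMIT_MEMLOCK */
    return ok;
}

/* Decrypt, use, forget. XOR stands in for real decryption and signing
 * (constructed toy, not a cipher); the point is the key's lifetime. */
unsigned char use_key_briefly(const unsigned char *enc, unsigned char mask,
                              const unsigned char *msg, size_t len) {
    unsigned char tag = 0;
    for (size_t i = 0; i < KEY_LEN; i++) key_buf[i] = enc[i] ^ mask;
    for (size_t i = 0; i < len; i++) tag ^= msg[i] ^ key_buf[i % KEY_LEN];
    wipe(key_buf, sizeof key_buf); /* plaintext key gone before returning */
    return tag;
}

/* Count key bytes still present in the buffer after use (should be 0). */
size_t residual_key_bytes(void) {
    size_t n = 0;
    for (size_t i = 0; i < KEY_LEN; i++) n += key_buf[i] != 0;
    return n;
}

int main(void) {
    unsigned char enc[KEY_LEN]; /* constructed sample "encrypted" key */
    for (int i = 0; i < KEY_LEN; i++) enc[i] = (unsigned char)(i ^ 0x5A);
    harden();
    use_key_briefly(enc, 0x5A, (const unsigned char *)"pay", 3);
    return residual_key_bytes() != 0; /* exit 0 when nothing is left behind */
}
```

This narrows the window and blocks unprivileged same-user readers; a scraper running as root or in the kernel can still read the key while it is in use, which is the gap the hardware approaches later in the thread address.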
hero member
Activity: 527
Merit: 503
December 24, 2015, 12:38:23 PM
#1
You can store the wallet.dat as encrypted as you want on the hard drive, but if you want to use it, you eventually have to decrypt it and store the private key in RAM. How can this be prevented? Is it possible to prevent other programs from spying on your RAM?