How to protect private keys easily and securely?

DuddlyDoRight

sr. member

Activity: 318

Merit: 260

Quote from: Kprawn on March 12, 2016, 10:57:14 AM

Nobody will trust their private keys to some proprietary software with hidden code. You should create some OpenSource code and submit it on GitHub for scrutiny, before anyone will take it seriously.

I prefer to be in full control of my own private keys and never put it online, until I need to sweep them to my main wallets. You will have a tough time getting people to trust your APP. Good luck

with your project. Roll Eyes

Those API calls in the public GIT repos are all binary without source code. The best possible key manager without additional hardware would use Keystore APIs which never even show you your keys. Encryption is worthless without hardware isolation and good key exchange algorithms.

Kprawn

legendary

Activity: 1904

Merit: 1073

Nobody will trust their private keys to some proprietary software with hidden code. You should create some OpenSource code and submit it on GitHub for scrutiny, before anyone will take it seriously.

I prefer to be in full control of my own private keys and never put it online, until I need to sweep them to my main wallets. You will have a tough time getting people to trust your APP. Good luck

with your project. Roll Eyes

ctlaltdefeat

sr. member

Activity: 464

Merit: 250

Quote from: mczarnek on March 10, 2016, 10:11:26 PM

I am working on an app and it will involve holding on to private keys, including Bitcoin private keys.. how can I make this secure and easy for users?

This is a mobile and desktop application.

Thank you!

that's good idea,i think private key should be protected not because it can be see or copied by other person,but if we use mobile online wallet it have potential to known by some application developer,and this is important to make applcation to protect private key,

DuddlyDoRight

sr. member

Activity: 318

Merit: 260

Android and IOS "keystore" APIs that keep private keys in TEE(hardware isolation even IOS or Android kernel can't touch) where you can send it a pointer/buffer and it decrypts or encrypts to another buffer/pointer.

Only services can read other apps storage and only when the app responds and allows it via API callbacks. The exemptions are jailbroken devices and only where there is a vulnerability known for the TEE kernel that's loaded by a signed bootrom before the OS in to ARM Trustzone, per-app sandbox defeated etc..

I'll tell you how secure Android and IOS TEE kernels are: The one in IOS world class famous hackers can't get around(KPP undefeated by all the dev teams despite efforts by their best) and the Android ones no malware to date have touched and all banking apps and POS devices use it for everything.. A professional researcher found something in one of the many TEE kernels years ago and it went nowhere..

mczarnek

hero member

Activity: 527

Merit: 500

I am working on an app and it will involve holding on to private keys, including Bitcoin private keys.. how can I make this secure and easy for users?

This is a mobile and desktop application.

Thank you!

Topic: How to protect private keys easily and securely? (Read 830 times)