Topic: Smart card wallet, take 2 (Read 3568 times)

Hi, have you heard of OpenPay? https://bitcointalksearch.org/topic/announce-openpay-entering-burn-in-shake-down-alpha-test-phase-92055
How I wish these 3 card related projects can be merged or at least be compatible with each other so that merchants could have only one device for all. (I know this project is not aimed on customer <=> merchant transactions)
Don't take me wrong, I love diversity and competition, but what we need now is single product that can be used by masses.

What I understand from OpenPay is that it targets traditional EMV, which is a totally different beast.

SmartCardWallet is a simple beast, targeting a simple problem, with a simple solution.

Hi, have you heard of OpenPay? https://bitcointalksearch.org/topic/announce-openpay-entering-burn-in-shake-down-alpha-test-phase-92055
How I wish these 3 card related projects can be merged or at least be compatible with each other so that merchants could have only one device for all. (I know this project is not aimed on customer <=> merchant transactions)
Don't take me wrong, I love diversity and competition, but what we need now is single product that can be used by masses.

I disagree. The purpose of this device is to protect the key from being copied and to sign requests. Providing the correct address is a concern of the recipient of the funds, if the POS terminal is infected and the store does not get its money then it has nothing to do with the card.

I think this smartcard is solving a very specific problem and that other concerns must be addressed elsewhere.

A smart card is of course one of the best possible compute platforms for a portable wallet. Correct me if I am wrong but the software on the card can create new private keys in secure memory which can be extremely difficult to access outside of the provided API(like some sort of tunneling microscope).

Do these cards support signed software to prevent malware from being installed? I know some POS systems allow something like that.

Thanks for the link, interesting discussion in the bitcoinj group.

I share Mike Hearn's concerns about a virus showing bogus addresses - I think a successful "hardware Bitcoin security device" needs to be immune to such attacks, and assume the threat model is a computer infested with a sophisticated virus that targets this wallet, can fake address, etc...

I think I'll be content to watch this project and others for the time being. I would want to own one such device when a usability & security threshold is reached, but perhaps it's premature.

Thanks for the link, interesting discussion in the bitcoinj group.

I share Mike Hearn's concerns about a virus showing bogus addresses - I think a successful "hardware Bitcoin security device" needs to be immune to such attacks, and assume the threat model is a computer infested with a sophisticated virus that targets this wallet, can fake address, etc...

I think I'll be content to watch this project and others for the time being. I would want to own one such device when a usability & security threshold is reached, but perhaps it's premature.

I want this card.

Related posts:
- On the Hardware Bitcoin Wallet thread
- Thinking of m-of-n tx with Yubikey.

Someone should just get up and do it.
I know zero about hardware and device drivers, and have relatively little time, so I can't be a lot of help at this point I'm afraid.

How much time are you dedicating to working on it?
Would you increase this time if sufficient donations came in? (Like the Donations for Armory)

have you seen the bitcoincard
http://www.bitcoincard.org

I have been thinking about somethin like that, too. But I came up with some attacks, that have to be prevented for a smart card to be useful (more than some kind of offline storage netbook).

In my opinion the system to which the reader is connected has to be considerd as totally corrupted with trojans, rootkits, etc.

The reader or the smartcard has to ensure, that the host system can't have arbitrary signature requests signed by the card.
The only solution, that came to my mind, was to display the to be signed transaction at the reader (which is secure, and therefore does not display a bogus transaction). Then the user has to enter the pin/password at the reader (so it can not get into the host system), which gives it to the smartcard, which in turn can use it to decrypt the private keys and sign the transaction.

I have been thinking about somethin like that, too. But I came up with some attacks, that have to be prevented for a smart card to be useful (more than some kind of offline storage netbook).

In my opinion the system to which the reader is connected has to be considerd as totally corrupted with trojans, rootkits, etc.

The reader or the smartcard has to ensure, that the host system can't have arbitrary signature requests signed by the card.
The only solution, that came to my mind, was to display the to be signed transaction at the reader (which is secure, and therefore does not display a bogus transaction). Then the user has to enter the pin/password at the reader (so it can not get into the host system), which gives it to the smartcard, which in turn can use it to decrypt the private keys and sign the transaction.

I need to argue with this line "Smart Card Wallet does the obvious: stores your bitcoins securely inside a smart card."

the bitcoins are stored on the NETWORK. The KEYS are stored anywhere you want to store them. Multiple copies at multiple locations.

I apologise for the awkward wording of my question.

Lets forget the Bitcoin for the moment, just look back into the past for the PKI systems that already exist, are deployed and in use.

1) Is/was there any system where the cryptographic keys carried any value higher than the cost of inconvenience to replace them?

2) Are/were there any smartcards/cryptodevices that provide internal error detection and correction and use it to signal impending failure instead of simply zeroizing the key material and self-destructing?

Hello,

Being a bitcoin lurker for a while, the main showstopper for me has been the complexity of required procedures for secure bitcoin handling.
As a hardware security/PKI guy, the obvious choice for anything handling private keys in a small scale is a smart card. Unfortunately there is no support for smart cards in bitcoin at the moment. There has been some initial work in the wiki: https://en.bitcoin.it/wiki/Smart_card_wallet but the work has stalled and it also seems that the expectations are not too realistic for the chosen solution (no card I know can do on-card programmable displays at the moment, for a reasonable price).

Building on the idea of storing the wallet securely in a smart card and requiring the smart card and a PIN code for any outgoing transactions, I made some tests with some hardware, based on information gathered from the web (https://en.bitcoin.it/wiki/Protocol_specification). AFAIU, the required primitives are plain ECDSA with secp256k1, ripemd160 and sha-256, where in fact only plain ECDSA is required to be implemented on the card.

I made a website, http://smartcardwallet.org, but I'm asking for feedback on feasibility here.

Do understand that this is a vaporware at the moment, but the time  to market is really short, unlike more fancy ideas. Suitable smart cards exist, required algorithms seem to be present, the set of tasks required for securing a wallet seem to be defined (at least in my head) and somebody on #bitcoin-dev even suggested to integrate a C library implementing the hardware wallet into bitcoind, if time permits (I would assume that time can be bought with money).

Given prior experience with the field, I would suggest that this can be implemented in a month or two, and would give a real physical wallet, with comparable security to traditional chip cards (without the bad terminal<->card protocol in EMV ).

Would somebody be interested in this? Would people pay for it (I wrote down some rough prices of hardware that would be required. For a successful business, the development cost should probably be financed through ready-made kits) ?

Saying this, I must admit again that I'm a bitcoin lurker with less than 1BTC on one account, but a somewhat seasoned person in the smart card, applied cryptography and overall security field. Bitcoin usually crosses my information barrier when things break (like the links in the "why" section) so I decided to have a look at the *technical* feasibility of protecting a bitcoin wallet in the fastest (in terms of R&D) and most secure way (in terms of validated, established smart cards).

What do you think? If there is enough interest that would justify a few weeks of interesting hacking, I'd continue with an overall POC hack.



(and somebody dealing with the moderation of the forum, please shift this topic to the tech & dev board)