
Topic: Smart card wallet, take 2 - page 2. (Read 3560 times)

legendary
Activity: 2128
Merit: 1065
July 19, 2012, 11:55:08 AM
#5
> Sure, if your system is built up like that. Usually keys matter if you have something irreversible associated to them.
>
> In usual PKI deployments the association is done by a CA and underlying keys can change without a problem.
I apologise for the awkward wording of my question.

Let's forget Bitcoin for the moment, just look back into the past at the PKI systems that already exist, are deployed and in use.

1) Is/was there any system where the cryptographic keys carried any value higher than the cost of inconvenience to replace them?

2) Are/were there any smartcards/cryptodevices that provide internal error detection and correction and use it to signal impending failure instead of simply zeroizing the key material and self-destructing?

In case you wonder: those are real questions, not rhetorical ones. I don't know the answer. Years ago I saw brochures (in German) from some vendor offering a system consisting of a safe, a stripped-down laptop and an anti-personnel mine hooked up to the glass lockout plate inside the safe. The only communication with the laptop was through the serial port. But this was a really expensive product.

newbie
Activity: 15
Merit: 0
July 19, 2012, 11:31:14 AM
#4
> > Given prior experience with the field, I would suggest that this can be implemented in a month or two, and would give a real physical wallet, with comparable security to traditional chip cards (without the bad terminal<->card protocol in EMV ;)).
>
> Given your prior experience I have one question: is anyone storing irreplaceable data on the smartcards? Thus far in my limited experience all practical cryptosystems relied on the fact that in case of smartcard/device failure the custody chain can provide replacement of the key material at a cost of inconvenience.
>
> Is there any practical application where lost/damaged keys have actual value lost together with them?


Sure, if your system is built up like that. Usually keys matter if you have something irreversible associated to them. For example encryption keys or in the case of bitcoin, value associated with the ability to use a *specific* key.

In usual PKI deployments the association is done by a CA and underlying keys can change without a problem.

In the context of SmartCardWallet, the ability to make secure copies of your wallet to a smart card with the same capabilities is planned, but not in the 0.1 version.
legendary
Activity: 2128
Merit: 1065
July 19, 2012, 10:46:26 AM
#3
> Given prior experience with the field, I would suggest that this can be implemented in a month or two, and would give a real physical wallet, with comparable security to traditional chip cards (without the bad terminal<->card protocol in EMV ;)).
Given your prior experience I have one question: is anyone storing irreplaceable data on the smartcards? Thus far in my limited experience all practical cryptosystems relied on the fact that in case of smartcard/device failure the custody chain can provide replacement of the key material at a cost of inconvenience.

Is there any practical application where lost/damaged keys have actual value lost together with them?
legendary
Activity: 1288
Merit: 1227
Away on an extended break
July 19, 2012, 10:32:37 AM
#2
Whitelisted, and moved to Project Development.
newbie
Activity: 15
Merit: 0
July 19, 2012, 09:33:14 AM
#1
Hello,

Being a bitcoin lurker for a while, the main showstopper for me has been the complexity of required procedures for secure bitcoin handling.
As a hardware security/PKI guy, the obvious choice for anything handling private keys on a small scale is a smart card. Unfortunately there is no support for smart cards in bitcoin at the moment. There has been some initial work in the wiki: https://en.bitcoin.it/wiki/Smart_card_wallet but the work has stalled and it also seems that the expectations are not too realistic for the chosen solution (no card I know can do on-card programmable displays at the moment, for a reasonable price).

Building on the idea of storing the wallet securely in a smart card and requiring the smart card and a PIN code for any outgoing transactions, I made some tests with some hardware, based on information gathered from the web (https://en.bitcoin.it/wiki/Protocol_specification). AFAIU, the required primitives are plain ECDSA with secp256k1, ripemd160 and sha-256, where in fact only plain ECDSA is required to be implemented on the card.

I made a website, http://smartcardwallet.org, but I'm asking for feedback on feasibility here.

Do understand that this is vaporware at the moment, but the time to market is really short, unlike more fancy ideas. Suitable smart cards exist, required algorithms seem to be present, the set of tasks required for securing a wallet seems to be defined (at least in my head) and somebody on #bitcoin-dev even suggested to integrate a C library implementing the hardware wallet into bitcoind, if time permits (I would assume that time can be bought with money).

Given prior experience with the field, I would suggest that this can be implemented in a month or two, and would give a real physical wallet, with comparable security to traditional chip cards (without the bad terminal<->card protocol in EMV ;)).

Would somebody be interested in this? Would people pay for it? (I wrote down some rough prices of hardware that would be required. For a successful business, the development cost should probably be financed through ready-made kits.)

Saying this, I must admit again that I'm a bitcoin lurker with less than 1BTC on one account, but a somewhat seasoned person in the smart card, applied cryptography and overall security field. Bitcoin usually crosses my information barrier when things break (like the links in the "why" section) so I decided to have a look at the *technical* feasibility of protecting a bitcoin wallet in the fastest (in terms of R&D) and most secure way (in terms of validated, established smart cards).

What do you think? If there is enough interest that would justify a few weeks of interesting hacking, I'd continue with an overall POC hack.



(and somebody dealing with the moderation of the forum, please shift this topic to the tech & dev board)
