Why a 12 Word Mnemonic is an Insecure Bitcoin Wallet Backup

Rewind back to 2010 and the way Bitcoin wallets worked. Users had a wallet.dat file on their computer with their private keys in it. They could optionally add a password to encrypt it. They SHOULD back up the file in case they lost their computer, like this guy. Life at the time was tedious! Some mobile wallets worked the same way. Users were given total responsibility for keys but without good tools to take responsibility.

Fast forward to today. Now the de facto standard is to back up your wallet by writing down a 12 to 24 word passphrase which IS your master private key.

In some ways this is easier than saving a file to a thumb drive and putting it in a safe. Especially on mobile. But have we just opened ourselves up to possibly the biggest attack vector on our devices?

I recently sat down with John McAfee, lifelong hacker and former founder of popular antivirus software, and we discussed securing Bitcoin. Being buried in the hacker community, he sees the biggest threat to our devices as two things, and I would agree:

Both Android and iOS now permit custom-built keyboards and it’s entirely possible one of those is snooping your keys and sending them to a malicious party.

With a 12–24 word seed backup, we’ve ensured that we’ve given attackers our private key on a silver platter. Show the words on screen and boom, a screen capture virus has it. Have the user enter it to verify the backup (many wallets do this) and bam, a key logger has you “pwned”!

Some wallets talk about being uber secure because they use the Secure Element to store keys in hardware on the phone. But display the keys on screen or have the user type them in and all that hardware security is moot.

So what’s a user to do? Yes, there are excellent, secure hardware wallets like Trezor, KeepKey, and Ledger. These are awesome solutions for very large fund storage. But in attempting to bring bitcoin to 10s of millions of users, we’d think a VERY small number of them would have the patience to use a hardware wallet for their very first intro to bitcoin. Especially for their “spending funds”. How much are “spending funds” anyway? Many people say it’s the $100 cash they’d store in a leather wallet. But what if you’re traveling, booking hotels and flights? This could easily become $1000s.

We need a more familiar and still secure way to protect against those top two forms of malware. The key (no pun intended) is to never show the user their own keys. Never display them on screen. Never have the user type them in. Instead, encrypt them with a separate set of credentials such as a strong password, then back them up, behind the scenes, with 2FA to protect the backup. If a key logger or screen grabber saw your encryption password, the attacker still wouldn’t have the encrypted data to decrypt. It would require an entirely new attack vector to get the data itself. On mobile that’s orders of magnitude harder due to app sandboxing.

This is actually how our old wallet.dat file worked. You never saw the actual keys, but it was a UX nightmare. Especially the backup part.

This is where Airbitz comes in and solves the key management problem in the most seamless and secure manner. With the Airbitz Bitcoin Wallet, a user feels like they are creating a classic “account” on the system. However, private keys are created locally on the device. They are then always stored encrypted with a strong hash of the user’s username and password, which only the end user knows. The encrypted keys are automatically backed up in case of device loss and synchronized between the user’s different devices. We then suggest One-Touch 2FA, the world’s easiest 2FA implementation. With that enabled, a key logger or screen grabber that may have snagged the username/password won’t be able to use it on another device. Users get the ease and familiarity of standard authentication with the security of client-side encryption and automated backup.
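The storage model described above, as an added example that is not Airbitz’s code: the seed is encrypted on the device under a key derived from the username and password, so a captured password decrypts nothing without the backup blob. Using scrypt as the “strong hash”, its cost parameters, AES-256-GCM, and all function names are assumptions; backup transport and 2FA are not modeled.

```javascript
const crypto = require('node:crypto');

// Assumed scrypt cost parameters for illustration (not taken from Airbitz).
const KDF = { N: 16384, r: 8, p: 1 };

// Derive a 256-bit key from username + password. The username is
// length-prefixed so ("ab","c") and ("a","bc") never collide.
function deriveKey(username, password, salt) {
  const user = Buffer.from(username.normalize('NFKC'), 'utf8');
  const len = Buffer.alloc(4);
  len.writeUInt32BE(user.length);
  const pass = Buffer.from(password.normalize('NFKC'), 'utf8');
  return crypto.scryptSync(Buffer.concat([len, user, pass]), salt, 32, KDF);
}

// Encrypt the seed on the device. Only this blob leaves it for backup or sync.
function sealSeed(seed, username, password) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = deriveKey(username, password, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(seed), cipher.final()]);
  return {
    salt: salt.toString('hex'), iv: iv.toString('hex'),
    ct: ct.toString('hex'), tag: cipher.getAuthTag().toString('hex'),
  };
}

// Decrypt a backup blob. Returns null on wrong credentials or a modified blob,
// because the GCM tag check in final() fails.
function openSeed(blob, username, password) {
  try {
    const key = deriveKey(username, password, Buffer.from(blob.salt, 'hex'));
    const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(blob.iv, 'hex'));
    d.setAuthTag(Buffer.from(blob.tag, 'hex'));
    return Buffer.concat([d.update(Buffer.from(blob.ct, 'hex')), d.final()]);
  } catch (err) {
    return null;
  }
}

// Constructed 128-bit sample seed and credentials (not a real wallet).
const SAMPLE_SEED = Buffer.from('000102030405060708090a0b0c0d0e0f', 'hex');
const backup = sealSeed(SAMPLE_SEED, 'alice', 'correct horse battery staple');
console.log('backup blob:', backup);
console.log('right password:', openSeed(backup, 'alice', 'correct horse battery staple'));
console.log('wrong password:', openSeed(backup, 'alice', 'hunter2'));
```

The per-blob random salt means the same credentials produce a different key for every backup, and the cost parameters set how expensive each offline password guess is for someone who does obtain the blob.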

No security solution is perfect and it’s not a linear scale of less secure to more secure. It’s about which attack vector you’re worried about and what your audience is willing to endure to protect against it. We’ve built the most secure implementation of private key management against the attack vectors we deem most likely to occur, factoring in the usability of the 90% of mobile device users. We’ve fundamentally focused on driving the amazing innovation of cryptography to the mass market by making it on by default, hiding the complexity, and presenting it with a familiar interface. Our mobile wallet has proven this model for the past two years. Very soon, you’ll see us drive this solution to other blockchain apps, enabling an ecosystem of secure, zero-knowledge private applications.
