Embed Size (px)
Citation preview
Twitter: 2Value www.2value.nl
Digital Signatures - easy
Source picture: http://www.laserfiche.com
What do we need to make it work? Think of cryptography.Is this an example of symmetric or asymmetric cryptography?
Twitter: 2Value www.2value.nl
Digital Signatures - extended
Source picture: https://staging.signinghub.com/electronic-signatures/
<Which two very important features in one go? <hash/Digest+privkey_encryption> Why should we care?Various Proofs: Identity, Existence, Location, Ownership etc.Fun trick: sign a hash pointer.Bitcoin: ECDSA: Elliptic Curve Digital Signature Algorithm
Twitter: @henkvancann www.blockchainworkspace.com
Wallet = bunch of keys
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
Who has done something stupid with the thing valuable in life, e.g. banks and money, your assets or your privacy? e.g. Send to a wrong account. Lose it. Who has lost a significant amount of value. Who has ever been robbed?
<ik had een wallet, ik zag ze staan op het publieke ether blockchain crawler>
What happens if you lose money / all your possessions? What type of fall backs do we have in real life?[conclude: service! banks, insurance companies, government, charities, cadastre ]
In which way is management of your valuables in crypto different from what we have seen before?
[Among all those Huray-stories we to better understand the NEW vulnerabilities we have come up to with the introduction of Freedom. Example: “Sovereignty beyond the grave”, leave your heirs with nothing and lots to explain. ]
Goal: Freedom at the price of Inefficiency, Freedom at the price of Constant Alertness & Constant Preparation.
How: Knowledge of State of the Art techniques / ThreadsProfound understanding of modern key chainsDesign of a personal Key Management protocolWhere did the trust go?Practical applicationFitnessAuditing without revealing
Twitter: 2Value www.2value.nl
Receiving address creation
“A Bitcoin wallet is as simple as a single pairing of a Bitcoin address with its corresponding Bitcoin private key.”
“To safeguard this wallet you must print or otherwise record the Bitcoin address and private key. It is important to make a backup copy of the private key and store it in a safe location.”
This site does not have knowledge of your private key. If you are familiar with PGP you can download this all-in-one HTML page and check that you have an authentic version from the author of this site by matching the SHA256 hash of this HTML with the SHA256 hash available in the signed version history document linked on the footer of this site.”
Treat a paper wallet like cash.
Add funds to this wallet by instructing others to send bitcoins to your Bitcoin address.
Check your balance by going to blockchain.info or blockexplorer.com and entering your Bitcoin address.
“Keep in mind when you import your single key to a bitcoin p2p client and spend funds your key will be bundled with other private keys in the p2p client wallet. When you perform a transaction your change will be sent to another bitcoin address within the p2p client wallet. You must then backup the p2p client wallet and keep it safe as your remaining bitcoins will be stored there.”
Twitter: 2Value www.2value.nl
Example mobile wallet: Jaxx
Single key, many sub-keys (vergelijk de loper-sleutel in relatie tot de sub-sleutels)
Twitter: @henkvancann www.blockchainworkspace.com
Key management - 2
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
Which of those could be represented by a lock?
Where does the analogy falter? : no revocation option, no multi-door key, no copy negative option,A private key can’t break in the lock
Twitter: @henkvancann www.blockchainworkspace.com
Wallet- and key management
• You put it on your ‘to-do’ list• Learning new technology takes time• Learning new languages takes time• Improve, let it become a second nature• Start using a password manager• Start using 2FA
and hope for the best…
remember Internet, Windows3.11, mobile phones?
password managers review: http://www.pcmag.com/article2/0,2817,2407168,00.asp
Use your phone or a bitcoin hardware wallet as your second factor.
Twitter: 2Value www.2value.nl
Best Practice
•Password Manager
• 2 Factor Authentication
• Back-up
• Encrypt
•Multi-sign
Focus on things you can influence!keep keys safe - yestransaction malleability / 51% attack - no
Twitter: @henkvancann www.blockchainworkspace.com
Key management - 2
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
Exchange Kraken Nov 2016:
• “people publicly involved in the cryptocurrency scene being victimized by mobile phone hijacking”
• “consider yourself an active target”
<master slave>
Your mobile company is hacked! Then: How about you?!
"In the past month, 10 cases… The consequences have been expensive, embarrassing, enduring, and, in at least one case, life-threatening.
If you are in any way publicly involved in cryptocurrency, consider yourself an active target. You need to immediately audit the security of your accounts – especially email, social media, social networking and mobile phone."
Twitter: @henkvancann www.blockchainworkspace.com
Key management - 2
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
•Mobile Phone
• Social Media
• Social Networking
Trouble
email, social media, social networking and mobile phone.
We want practical applications!! What do we need? How can we be safe (not lose money, do anything stupid, be vulnerable etc)If know more, we can better protect ourselves, be more confident.<copy paste errors story>
Twitter: @henkvancann www.blockchainworkspace.com
Hierarchical Deterministic Keychains
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
• “A bitcoin address is in fact the hash of a ECDSA public key”
• Hierarchical
• Multisig
A bitcoin address is in fact the hash of a ECDSA public key
BIP0032https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/
Vitalik Buterin 2013 (18 yrs old):The problem is this: although you certainly can securely hand out child keys with no risk to the parent key, and you can hand out master public keys with no risk to the master private key, you cannot do both at the same time.
Solution : a. Don’t hand out master public keyb. making three hierarchical BIP32 wallets, with every address being a 2-of-3 multisignature address between the three wallets down some particular child key derivation path
“The two current competitors for memorising a Bitcoin wallet are (1) choosing a password and using the password or a hash of the password as a seed, and (2) randomly generating a seed and converting the seed into a passphrase in a way that can be reversed.
Twitter: @henkvancann www.blockchainworkspace.com
Hierarchical Deterministic Keychains
Source: http://nakamotoinstitute.org/bitcoin/#selection-229.4-232.0
A bitcoin address is in fact the hash of a ECDSA public key
BIP0032https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/
Vitalik Buterin 2013 (18 yrs old):The problem is this: although you certainly can securely hand out child keys with no risk to the parent key, and you can hand out master public keys with no risk to the master private key, you cannot do both at the same time.
Solution : a. Don’t hand out master public keyb. making three hierarchical BIP32 wallets, with every address being a 2-of-3 multisignature address between the three wallets down some particular child key derivation path
“The two current competitors for memorising a Bitcoin wallet are (1) choosing a password and using the password or a hash of the password as a seed, and (2) randomly generating a seed and converting the seed into a passphrase in a way that can be reversed.
Twitter: @henkvancann www.blockchainworkspace.com
Testcase: keep it safe
1 Baas
3 afdelingsleiders met budgetten in crypto - kosten
1 web afdelingsleider die trainingen verkoopt - omzet
Vraag: Ontwerp de wallet van de Baas en wat hij uitgeeft aan de verschillende actoren in het bedrijf.
http://www.hongkiat.com/blog/bitcoin-wallets/
