Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Bitcoin and Smart Cards
by
smartcardguy
on 22/06/2011, 05:49:36 UTC
Quote from: kjj on June 22, 2011, 05:35:22 AM
Quote from: kjj on June 19, 2011, 07:07:46 PM
I've been thinking about wallet security too.  I think a second device is a good idea, but I see it working in a different way.

I see a portable dedicated device with very limited communications ability.  Just a serial port will do, which probably means serial over USB or serial over bluetooth.  It will also have a SD card socket for wallet backups.

The device will generate the key pairs, and store them.  The private key never leaves the device, except on the SD card backup, which could be encrypted.

I think it only needs 3 hooks into the PC client software.

1) It needs to be able to push public keys to the client.
2) It needs to be able to ask for (and receive) balance updates from the client.
3) It needs to be able to accept an address from the client, and generate a complete transaction to that address using an amount entered on a keypad.  (Or possibly accept an address and amount, then only ask for confirmation.)

I think this could help with the retail problem too; no reason why you couldn't plug it into a potentially hostile terminal.

I'm thinking Arduino.  It should already have all of the crypto libraries necessary, plus hookups for serial, USB, BT, and SD cards.  Probably going to order some hardware this week to get started.

I started with the assumption that my box is owned, and every retail terminal is owned (which is true, since they are literally owned by someone other than me).

You plug into your home computer or a retail POS, and the computer sends a payment request.  The device displays the address and amount, you press yes or no.  The device then generates a transaction, or doesn't.

Point 4 through 6 are unnecessary in this scenario, since I'm not worried (yet) about the device getting lost or stolen.  The only problem I'm looking to solve right now is the malware stealing your keys problem.

Ah, you started with the retail terminal scenario; I started with the scenarios in use today thinking it could be expanded to those if the cost could get down low enough.

If I were to start with the terminal scenario I would have still do a smart card for form factor and cost reasons; implementation wise I would do a custom card applet that implements the bit coin wallet, communicated with a secured pin entry device (ped) or had onboard display and input mechanisms.

The approach you mention would work but I don't know if it could ever be scaled out to a currency card in a cost effective manner.

That said our two lines of thinking are compatible.