A big challenge in cryptocurrency is securing a user key from potential hackers because nobody can rollback a transaction made by an attacker with a stolen key once the blockchain network confirms it. One solution to protect users is splitting the money between super-wallet and sub-wallet. The user stores a large amount of money on her super-wallet and keeps it safe; she refills the sub-wallet when she needs while using the sub-wallet for her daily purchases. In this paper, we propose a new scheme to create sub-wallet that we call deterministic sub-wallet. In this scheme, the seed of the sub-wallet keys is derived from the super-wallet master seed, and therefore the super-wallet can build many sub-wallet addresses and refill them in a single blockchain transaction. Compared to existing approaches, our mechanism is cheaper, real-time, more secure against man-in-the-middle attack and easier for backup and recovery. We implement a proof-of-concept on a hardware wallet and evaluate its performance. In addition, we analyze the attacks and defenses of this design to demonstrate that our proposed method has a higher level of security than existing models.
more »
« less
New Secure Approach to Backup Cryptocurrency Wallets
Bitcoin and other cryptocurrencies have become popular and motivate more hackers to steal digital funds. Users protect their private keys using crypto wallets to keep their funds safe from hackers. While the most secure option is hardware wallet, it suffers from lack of a secure and convenient backup and recovery process. Almost all existing wallets use mnemonics to back up the private keys, and a user must write down these words on a piece of paper. This approach is not only inconvenient but also problematic since the paper could be lost or stolen, resulting in a hacker recovering the keys. In this paper, we propose a new digital scheme to securely back up a hardware wallet relying on the side-channel human visual verification enabled by display screen on a hardware wallet. Using this method, we transfer the root of private keys from one hardware wallet to another wallet securely even via an untrusted terminal, such as a smartphone. At the end of this process, the user has two hardware wallets with the same private keys while she may use one of them as the main wallet and another one as a backup wallet.
more »
« less
- NSF-PAR ID:
- 10161196
- Date Published:
- Journal Name:
- 2019 IEEE Global Communications Conference (GLOBECOM)
- Page Range / eLocation ID:
- 1 to 6
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
null (Ed.)A significant challenge in blockchain and cryptocurrencies is protecting private keys from potential hackers because nobody can rollback a transaction made with a stolen key once the blockchain network confirms the transaction. The technical solution to protect private keys is cryptocurrency wallets, a piece of software, hardware, or a combination of them to manage the keys. In this paper, we propose a multilayered architecture for cryptocurrency wallets based on a Defense-in-Depth strategy to protect private keys with a balance between convenience and security. The user protects the private keys in three restricted layers with different protection mechanisms. So, a single breach cannot threaten the entire fund, and it saves time for the user to respond. We implement a proof-of-concept of our proposed architecture on both a smart card hardware wallet and an Android smartphone wallet with no performance penalty. Furthermore, we analyze the security of our proposed architecture with two adversary models.more » « less
-
A big challenge in cryptocurrency is securing the user’s keys from potential hackers because if the blockchain network confirms a transaction, nobody can rollback that. One solution to protect users is splitting the money between superwallet and sub-wallet. The user stores a large amount of money on the super-wallet and refills the sub-wallet when she needs while she uses the sub-wallet for her daily purchases. In this paper, we propose a new mechanism to create sub-wallet that we call deterministic sub-wallet. In this mechanism, the seed of sub-wallet keys is derived from super-wallet seed, and therefore super-wallet can build many sub-wallet addresses and refill them in a single blockchain transaction. Compared to existing approaches, our mechanism is less expensive, real-time, more secure against MITM attack and easier for backup and recovery. We implement a proof-of-concept on a hardware wallet and evaluate its performance. Also, we analyze the attacks and defenses in our mechanism to demonstrate that our proposed method has a higher level of security than the classic super-wallet sub-wallet model.more » « less
-
null (Ed.)Bitcoin and other altcoin cryptocurrencies use the Elliptic-Curve cryptography to control the ownership of coins. A user has one or more private keys to sign a transaction and send coins to others. The user locks her private keys with a password and stores them on a piece of software or a hardware wallet to protect them. A challenge in cryptocurrencies is losing access to private keys by its user, resulting in inaccessible coins. These coins are assigned to addresses which access to their private keys is impossible. Today, about 20 percent of all possible bitcoins are inaccessible and lost forever. A promising solution is the off-chain recovery transaction that aggregates all available coins to send them to an address when the private key is not accessible. Unfortunately, this recovery transaction must be regenerated after all sends and receives, and it is time-consuming to generate on hardware wallets. In this paper, we propose a new mechanism called lean recovery transaction to tackle this problem. We make a change in wallet key management to generate the recovery transaction as less frequently as possible. In our design, the wallet generates a lean recovery transaction only when needed and provides better performance, especially for micropayment. We evaluate the regular recovery transaction on two real hardware wallets and implement our proposed mechanism on a hardware wallet. We achieve a %40 percentage of less processing time for generating payment transactions with few numbers of inputs. The performance difference becomes even more significant, with a larger number of inputs.more » « less
-
null (Ed.)Notary is a new hardware and software architecture for running isolated approval agents in the form factor of a USB stick with a small display and buttons. Approval agents allow factoring out critical security decisions, such as getting the user's approval to sign a Bitcoin transaction or to delete a backup, to a secure environment. The key challenge addressed by Notary is to securely switch between agents on the same device. Prior systems either avoid the problem by building single-function devices like a USB U2F key, or they provide weak isolation that is susceptible to kernel bugs, side channels, or Rowhammer-like attacks. Notary achieves strong isolation using reset-based switching, along with the use of physically separate systems-on-a-chip for agent code and for the kernel, and a machine-checked proof of both the hardware's register-transfer-level design and software, showing that reset-based switching leaks no state. Notary also provides a trustworthy I/O path between the agent code and the user, which prevents an adversary from tampering with the user's screen or buttons. We built a hardware/software prototype of Notary, using a combination of ARM and RISC-V processors. The prototype demonstrates that it is feasible to verify Notary's reset-based switching, and that Notary can support diverse agents, including cryptocurrencies and a transaction approval agent for traditional client-server applications such as websites. Measurements of reset-based switching show that it is fast enough for interactive use. We analyze security bugs in existing cryptocurrency hardware wallets, which aim to provide a similar form factor and feature set as Notary, and show that Notary's design avoids many bugs that affect them.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/GLOBECOM38437.2019.9014007
