Security of private keys: Hardware wallets

in #bitcoin, 6 years ago

I recently watched this video by Andreas Antonopoulos:

In it he makes the great point that a hardware wallet transforms a digital security problem into a physical one. Most of us have no clue how to manage digital security, but we have a good grasp of physical security. We keep the hardware wallet in our pocket like a purse. We put the recovery seed in a chest secured by locks and more.

While this is an absolutely crucial point, it misses an important part of the reality: we can in fact combine the best of both worlds. We are not securing a unique physical good such as a bar of gold; we are physically securing a piece of information that may be copied, chopped up, or modified in any way we see fit. In fact the options go far beyond what is possible in classical physical security.

Let us begin by stating our security interests:

  1. digital security (already managed by hardware wallet)
  2. security against physical loss (fire, ... )
  3. security against physical crime (thieves, ...)
  4. accessibility by family or friends in case of death or severe accident
  5. but at the same time security against these friends and family

By writing down the recovery seed and storing it in a vault we manage all of those more or less. The problematic ones are 2, 3 and possibly also 5.

But we may find numerous improvements. We may create multiple copies of the seed and put them in different locations. This is great against loss, but bad against theft.

We may also encode the seed with a simple memorised phrase. Then we tell that phrase to a trusted friend and put the encoded key in 4 different positions. Now we have achieved 1 to 4, but maybe we put too much trust in the friend, so 5 is still in danger.

But there is a cryptographic technique that is perfectly suited for this application, and in fact I am a bit confused that it is not already implemented in hardware wallets: Shamir's Secret Sharing. We may chop our recovery phrase up into multiple pieces, and anybody who gains a previously defined number of them can recover the original key.

I have improved this method to Hierarchical Secret Sharing where not all keys are equal but layered in tiers. To recover the seed one key of each tier is required, but higher tiers may replace lower ones. More details on this method can be found here.

Using this method we might go for a 3 out of 5. I keep 3 keys accessible to me in different locations. Then I give two keys to trusted friends and tell somebody else the location of one of the keys I have access to.

The friends do not gain access even when they cooperate. But when I die they can always recover the key. When I lose a key, that is no problem. When a thief steals one key, that is also no problem. This scheme fulfils points 1-5 and provides perfect security for me.

But this is only one possible idea. If you have no trusted friends, use a 2 of 3 and put the keys in different positions to secure against loss and theft. If you die, since you have no friends, it is also no problem that the funds are lost.

In addition, it does not complicate everyday use, as the hardware wallet itself can sign transactions with my password. But it provides a secure recovery option that is not at risk from theft, death or other disasters. I would strongly advise anyone using a hardware wallet to secure the recovery seed in this way, to protect against theft and allow access to the coins after death while maintaining personal security when alive.

Below I provide simple Python code to use Secret Sharing with BIP39 phrases. It can be adapted to other dictionaries. Before using the code, please make sure you understand how it works and check that the keys are suitable to recover the original seed. Also, the code should be run on an offline machine for security. (In fact the hardware wallet really should run this!)


Here I am importing the BIP39 dictionary. I also set the number of keys required to recover the seed and the number of keys generated. I also import the BIP39 seed that I want to encode, here: cheese mouse cat.

Also pay attention to the prime used to define the quotient ring. This prime is required to correctly reconstruct the seed.

Next we go to the encoding stage.


Alternatively, we may of course output the keys again in BIP39 format.


Now from these keys we can recover the original seed. For this not all 4 keys are needed; 3 will do, but we need at least one T1 and one T2. Also note that the keys have a length comparable to the original key, given that a suitable prime was selected.


and we recover ...
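The split-and-recover flow walked through above, as an added example that is not the author's code: it implements plain k-of-n Shamir sharing, not the hierarchical variant, and works on BIP39 word indices (0..2047) instead of loading the word list. The prime is the one quoted in the author's comment on this page; `SEED` and all function names are constructed for illustration.

```python
import secrets

P = 2**45 - 229   # prime quoted in the author's comment; must exceed the packed seed
BITS = 11         # a BIP39 word is an index into a 2048-word list
SEED = [310, 1161, 281, 1440]  # constructed word indices, not a real seed

def pack(indices):
    """Pack word indices (0..2047) into one integer, first word most significant."""
    n = 0
    for i in indices:
        if not 0 <= i < 1 << BITS:
            raise ValueError("word index out of range")
        n = (n << BITS) | i
    return n

def unpack(n, count):
    """Inverse of pack(): integer back to `count` word indices."""
    return [(n >> BITS * k) & ((1 << BITS) - 1) for k in reversed(range(count))]

def split(secret, threshold, shares, p=P):
    """Return `shares` points of a random degree threshold-1 polynomial, f(0) = secret."""
    if not 0 <= secret < p:
        raise ValueError("secret does not fit below the prime")
    if not 2 <= threshold <= shares:
        raise ValueError("need 2 <= threshold <= shares")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(threshold - 1)]
    def f(x):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod p
            y = (y * x + c) % p
        return y
    return [(x, f(x)) for x in range(1, shares + 1)]

def recover(points, p=P):
    """Lagrange-interpolate the shares at x = 0 to get the secret back."""
    if len({x for x, _ in points}) != len(points):
        raise ValueError("duplicate share index")
    total = 0
    for xj, yj in points:
        num = den = 1
        for xm, _ in points:
            if xm != xj:
                num = num * -xm % p
                den = den * (xj - xm) % p
        total = (total + yj * num * pow(den, -1, p)) % p
    return total
```

A 4-word seed packs into 44 bits, so it fits below the 45-bit prime, while a share value can need 45 bits and therefore up to 5 words (`unpack(y, 5)`), which is why some keys are one word longer than the seed.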



This week I will again run a contest to win SBD. The rules are:

In my previous posts I have put some keys and a prime number. Using these it is possible to recover a 4-word seed phrase. Anyone who is first to post one of these words and its position will win part of the bounty. Do not post more than one word; I want to have 4 different winners, if there are 4 people crazy enough to try. (A legitimate example using the keys in this post would be: 2: mouse) Please also consider resteeming this post so we have a chance to find 4 winners.


let me provide a tip and maybe somebody can find a solution:

The hidden keys:

[1, 1, 1] bonus index alpha fox
[0, 1, 2] fiber distance crack embark
[0, 1, 3] ability dove someone lava myself
[0, 1, 4] come fury six wedding
[0, 1, 5] ability boss unknown bicycle drill
[0, 1, 6] all later giggle praise
[0, 0, 1] umbrella month equal energy

the prime defining the quotient ring is 2^45 - 229

the first searched word to crosscheck is : quiz

Thanks for sharing, a hug.

@frdem3dot0 has set 1.500 SBD bounty on this post!

Congratulations to the following winner(s) of the bounty!

very good friend, I have always admired the programming, understand these codes is surprising, I like your way of thinking, the way is as ideas the methods for security, both physical and digital and the consequences that may have as theft or loss.


Looking forward to your contest.
Nice and interesting post.

Great initiative and nice concept...!!
It's very secure for any types of wallet.....

Outstanding initiative and very nice concept!! Totally different. It's very secure for any types of wallet and I appreciate it. Thank you so much for sharing with us.
