public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Adam Weiss <adam@signal11.com>
To: Will <will.madden@novauri.com>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Subject: Re: Proposal to address Bitcoin malware
Date: Tue, 3 Feb 2015 14:25:19 -0500	[thread overview]
Message-ID: <CAFVoEQQHVcY0Ad-4c2wnH+WF_7M-o5SNwVr-nce_9bQ794cwDQ@mail.gmail.com> (raw)
In-Reply-To: <etPan.54d0b945.46e87ccd.7f23@Williams-MBP>

[-- Attachment #1: Type: text/plain, Size: 1742 bytes --]

>
>
> Using a desktop website and mobile device for 2/3 multisig in lieu of a
> hardware device (trezor) and desktop website (mytrezor) works, but the key
> is that the device used to input the two signatures cannot be in the same
> band.  What you are protecting against are MITM attacks.  The issue is that
> if a single device or network is compromised by malware, or if a party is
> connecting to a counterparty through a channel with compromised security,
> inputing 2 signatures through the same device/band defeats the purpose of
> 2/3 multisig.
>

Maybe I'm not following the conversation very well, but if you have a small
hardware device that first displays a signed payment request (BIP70) and
then only will sign what is displayed, how can a MITM attacker do anything
other than deny service?  They'd have to get malware onto the signing
device, which is the vector that a simplified signing device is
specifically designed to mitigate.

TREZOR like devices with BIP70 support and third party cosigning services
are a solution I really like the sound of.  I suppose though that adding
BIP70 request signature validation and adding certificate revocation
support starts to balloon the scope of what is supposed to be a very simple
device though.

Regardless, I think a standard for passing partially signed transactions
around might make sense (maybe a future extension to BIP70), with attention
to both PC <-> small hardware devices and pushing stuff around on the
Internet.  It would be great if users had a choice of hardware signing
devices, local software and third-party cosigning services that would all
interoperate out of the box to enable easy multisig security, which in the
BTC world subsumes the goals of 2FA.

--adam

[-- Attachment #2: Type: text/html, Size: 2419 bytes --]

  reply	other threads:[~2015-02-03 19:56 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-03 12:04 [Bitcoin-development] Subject: Re: Proposal to address Bitcoin malware Will
2015-02-03 19:25 ` Adam Weiss [this message]
2015-02-03 20:09   ` Brian Erdelyi
2015-02-03 21:01   ` Mike Hearn
2015-02-03 22:58   ` Will
2015-02-04  1:03 ` Eric Voskuil

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAFVoEQQHVcY0Ad-4c2wnH+WF_7M-o5SNwVr-nce_9bQ794cwDQ@mail.gmail.com \
    --to=adam@signal11.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=will.madden@novauri.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox