From: Adam Weiss <adam@signal11.com>
To: Will <will.madden@novauri.com>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Subject: Re: Proposal to address Bitcoin malware
Date: Tue, 3 Feb 2015 14:25:19 -0500 [thread overview]
Message-ID: <CAFVoEQQHVcY0Ad-4c2wnH+WF_7M-o5SNwVr-nce_9bQ794cwDQ@mail.gmail.com> (raw)
In-Reply-To: <etPan.54d0b945.46e87ccd.7f23@Williams-MBP>
[-- Attachment #1: Type: text/plain, Size: 1742 bytes --]
>
>
> Using a desktop website and mobile device for 2/3 multisig in lieu of a
> hardware device (trezor) and desktop website (mytrezor) works, but the key
> is that the device used to input the two signatures cannot be in the same
> band. What you are protecting against are MITM attacks. The issue is that
> if a single device or network is compromised by malware, or if a party is
> connecting to a counterparty through a channel with compromised security,
> inputing 2 signatures through the same device/band defeats the purpose of
> 2/3 multisig.
>
Maybe I'm not following the conversation very well, but if you have a small
hardware device that first displays a signed payment request (BIP70) and
then only will sign what is displayed, how can a MITM attacker do anything
other than deny service? They'd have to get malware onto the signing
device, which is the vector that a simplified signing device is
specifically designed to mitigate.
TREZOR like devices with BIP70 support and third party cosigning services
are a solution I really like the sound of. I suppose though that adding
BIP70 request signature validation and adding certificate revocation
support starts to balloon the scope of what is supposed to be a very simple
device though.
Regardless, I think a standard for passing partially signed transactions
around might make sense (maybe a future extension to BIP70), with attention
to both PC <-> small hardware devices and pushing stuff around on the
Internet. It would be great if users had a choice of hardware signing
devices, local software and third-party cosigning services that would all
interoperate out of the box to enable easy multisig security, which in the
BTC world subsumes the goals of 2FA.
--adam
[-- Attachment #2: Type: text/html, Size: 2419 bytes --]
next prev parent reply other threads:[~2015-02-03 19:56 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-03 12:04 [Bitcoin-development] Subject: Re: Proposal to address Bitcoin malware Will
2015-02-03 19:25 ` Adam Weiss [this message]
2015-02-03 20:09 ` Brian Erdelyi
2015-02-03 21:01 ` Mike Hearn
2015-02-03 22:58 ` Will
2015-02-04 1:03 ` Eric Voskuil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFVoEQQHVcY0Ad-4c2wnH+WF_7M-o5SNwVr-nce_9bQ794cwDQ@mail.gmail.com \
--to=adam@signal11.com \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=will.madden@novauri.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox