← @ChristopherA Twitter archive
Christopher Allen
@ChristopherA
#SmartCustody Adversary — Systemic Key Compromise
Here's an adversary for your cryptocurrency (or other digital assets) that you might not have thought about: SYSTEMIC KEY COMPROMISE. What if the software that generated your keys did so in an insecure way? (1/11)
6/9/2020, 12:32:39 PM
Favs: 9
Retweets: 3
linkChristopher Allen
@ChristopherA
This is one of the “Loss by Computer Error” adversaries in my #SmartCustody book, and it's broadly a software programming error: someone messed up the key-generation code and it creates keys that either have less entropy than intended or that can be systemically guessed! (2/11)
6/9/2020, 12:32:40 PM
Favs: 0
Retweets: 0
linkChristopher Allen
@ChristopherA
This is NOT just a theoretical idea. After one software update, http://Blockchain.info generated insecure keys for 0.0002% of their users. 250 Bitcoins subsequently went missing. (3/11) https://cointelegraph.com/news/white-hat-hacker-returns-missing-bitcoins-to-blockchaininfo
6/9/2020, 12:32:41 PM
Favs: 0
Retweets: 0
linkChristopher Allen
@ChristopherA
Two years ago, we learned that JavaScript's secureRandom() was neither entirely secure nor random. Insufficient entropy meant that hackers could brute-force coins. (4/11) https://btcmanager.com/vulnerability-in-javascript-function-may-mean-long-term-bitcoin-hodlers-are-at-risk/
6/9/2020, 12:32:42 PM
Favs: 0
Retweets: 1
linkChristopher Allen
@ChristopherA
Last week, the @Trezor hardware wallet did a software update to fix a security issue, that locked users out of access to funds in a number of Bitcoin multisig accounts when using some third-party software tools. (5/11) https://decrypt.co/31463/bitcoin-segwit-bug-fix-could-lock-wallet-users-out-funds
6/9/2020, 12:32:43 PM
Favs: 0
Retweets: 1
linkChristopher Allen
@ChristopherA
SYSTEM KEY COMPROMISE may pretty abstract, but we have three examples of it actually happening. All of these failures have had widespread repercussions. This is why I advocate adversarial analysis: it helps you to look at the real likelihooods of vulernabilities. (6/11)
6/9/2020, 12:32:44 PM
Favs: 0
Retweets: 0
linkChristopher Allen
@ChristopherA
How do you solve a problem so far out of your control? You monitor news related to your hardware and software, and you have an emergency procedure in place so that you can immediately move funds if your keys might be vulnerable to compromise. (7/11)
6/9/2020, 12:32:44 PM
Favs: 1
Retweets: 0
linkChristopher Allen
@ChristopherA
Another approach is to not to update hardware key firmware or software immediately, or have two devices and only upgrade one, and have a working backup of the old software. This allows you to move your funds to an updated, more secure wallet. (8/11)
6/9/2020, 12:32:45 PM
Favs: 0
Retweets: 1
linkChristopher Allen
@ChristopherA
Eternal vigilance is the price for the autonomy of decentralization. You're taking centralized authorities out of the loop, but that means you need to bear the responsibility yourself! (9/11)
6/9/2020, 12:32:46 PM
Favs: 0
Retweets: 0
linkChristopher Allen
@ChristopherA
That's my second and final form of “Loss by Computer Error” category of adversary, following up on yesterday's look at BITROT. Together, they comprise the may ways that computers could case you to lose your assets. (10/11)
6/9/2020, 12:32:47 PM
Favs: 0
Retweets: 0
linkChristopher Allen
@ChristopherA
Have your own stories of SYSTEMIC KEY COMPROMISE impacting digital assets? Your own solutions? Let us know! And please consider supporting #SmartCustody. We're working on V2, with multi-sigs and other expansions: https://smartcustody.btcpay.blockchaincommons.com/ (11/11)
6/9/2020, 12:32:48 PM
Favs: 0
Retweets: 0
link