This article reviews the publication “A First Look at the Usability of Bitcoin Key Management” by Shayan Eskandari, David Barrera, Elizabeth Stobert and Jeremy Clark.
The authors have a look at the mechanisms and risks involved in bitcoin-based transactions. They suggest cryptographic protection, expecting minimized negative effects on usability and evaulate various key management approaches.
Bitcoin has basically extended the concept of going to the store, picking up a few items, and then pulling out a wallet to pay for them. The payment is then given to the cashier, and return change is given back. This is exactly what takes place when Bitcoins are used to pay for items, except that it is done digitally. However, there are certain usability aspects of Bitcoin transactions that make it very difficult to achieve the basic payment concept in a usable manner. There is also the t
endency to overextend the basic concept, leading to even more confusion on the part of users.
Basic Mechanism of Bitcoins
When Bitcoins are used, the user is given a digital "wallet", which can be stored online or in an application file on a digital device. Each wallet has a set of private keys for accessing the wallet for the various transactions, and also has a set of addresses associated with it, which allows transactions between users (for both sending and receiving). It is important to note that addresses can be shared between users, but the private keys are known only be the owner of the wallet. A wallet must also include in interface with a Bitcoin client (such as Blockchain.info), includes a variety of other information, such as transaction history, address book, currency exchange rates, etc. To enhance anonymity, the Bitcoin client software usually generates fresh addresses (and corresponding private keys) after each transaction to receive the remaining transaction amount as needed.
Types of UI Problems
There is usually a user interface associated with the basic client that the user must work with to make transactions. There are basically two problems when working with a UI that are somewhat opposite. One is the fact that the technical jargon used on the UI may be confusing for novice users. For example, the user may receive an "out of sync" message when "synchronizing with network” while downloading the blockchain or retrieving relevant blocks from a trusted peer. There are other cases where the UI may lack the necessary information needed for users to work with in certain situations, because the Bitcoin client generates address and private key information transparently, without the user being aware of it. In this case, the client minimizes the technical jargon, and only provides enough information to make a transaction. However, there are instances when a user may need to manage the private keys, such as when key loss occurs or when doing a backup.
Need to Achieve Better Usability for Technical and Non-Technical People Alike
It becomes apparent that there are numerous usability issues that need to be solved so that public key cryptography can be more effectively leveraged by end users. The Bitcoin software needs to be more useable by both technical and non-technical people alike with a more comprehensible approach. There are many issues to be considered, and the variables involved in managing, controlling and using cryptographic keys are very complex.
Main Issue in the Following Options – How to Prevent Theft
A variety of solutions have been proposed, and all have actually been implemented in Bitcoin software. Each solution has separate advantages and disadvantages, and no clear solution exists for all situations. The main criteria in evaluating key management proposals is how well it can prevent Bitcoins from being stolen, either physically, or digitally (through a malware attack). Stolen Bitcoins can generally be traceable, but not recoverable, as they are in online banking transactions.
6 Alternatives For Use in Bitcoin Applications
Shayan Eskandari and his colleagues categorize 6 alternatives of Key Management to increase the level of protection and security around bitcoins and bitcoin transactions.
- Keys in Local Storage - The first method is to create a wallet file on a digital device where the private keys are stored. This would typically be a file or database in a pre-configured file system path. When a new transaction is created, the Bitcoin client can read the keys and immediately broadcast the transaction over the network. This method is susceptible to almost any kind of attack (physical or digital).
- Password-protected Wallets – in this method, a user-chosen password is added to the locally store wallet file. Unlike the first method, this would protect the Bitcoin account if the device is stolen. However, this doesn't do much to protect against digital theft, if malware can be installed on the device that can log the keystrokes for a password. The user can also lose a Bitcoin account if the password is lost, since no mechanism exists for its recovery.
- Offline Storage of Keys - To protect against malware-based threats, wallets can be stored offline on some form of portable media, such as a USB thumbdrive. Offline storage is also useful for backup, in case any wallet files are lost in the first two methods.
- Air-gapped Key Storage - For more protection against malware theft, an air-gapped storage device can be used, where wallets are stored on a secondary device that generates,” signs, and exports transactions. When creating a transaction in the air-gapped device, the resulting signed output is transported (usually through portable media) to an Internet-enabled device for transmission onto the Bitcoin network. The air-gapped device never actually connects to a network. However, even this method isn't free from malware threats, as malware may jump the air gap by infecting the portable media used to export signed transactions.
- Password-derived Keys - In this approach, the cryptographic keys are replaced by a user-chosen password from which the cryptographic keys are derived. The advantage of this method is better accessibility between devices, and better password-loss prevention. The major disadvantage is that weak user-chosen passwords can be found through a fingerprint in the global public ledger used to track Bitcoin transactions.
- Hosted Wallet - The final approach is to host a Bitcoin account on a third-party web service. A hosted wallet would reduce the application complexity for devices such as smartphones. But even hosted wallet services can be primary targets of attack since they typically hold large amounts of Bitcoin. To prevent theft, hosted wallet providers often keep only a small part of their holdings online (called hot storage), and store the majority of their holdings offline in cold storage.
Conclusion: Trade-offs between solutions and coming up with a usable key management scheme
Each of the methods described by Shayan Eskandari and his colleagues offer various trade-offs in usability and security issues. Some of the main factors worth considering are accessibility to funds, cross-device portability, UI interface, malware resistance, key storage location, etc. After analyzing the various approaches to key management, it seems the best solution would be a combination of two or more of the above methods. A pattern can be followed similar to that of the online hosted wallet service, in that users can keep small amounts in ready-to-spend form (such as local storage or online hosted wallet), while keeping larger sums a more secure storage location (such as the air-gapped or offline storage mentioned above). The latter takes longer to access, but at least the funds are much better protected from theft.
VentureSkies offers targeted support in inbound marketing & sales for Information-Security and Bitcoin companies. We align marketing technology, inbound marketing, virtual growth concepts and a team that works for you on a monthly basis - for costs cheaper than hiring an employee.
References and Further Reading
- A First Look at the Usability of Bitcoin Key Management(2015), by Shayan Eskandari, David Barrera, Elizabeth Stobert, and Jeremy Clark