How Bitcoin works – episode 8: security

We have learned quite a bit about how the Bitcoin island works so far. It might be a good time to ask a few questions about security: how safe are the records of ownership on the Bitcoin island? can they be changed by someone without the consent of the owner? can they be “hacked”?

What Bitcoin island stores are public identification numbers which anonymously identify the landowners on the island and also allow them to make transactions – transfers of land to other owners. The question is:

Can the public identification numbers (Bitcoin addresses) be changed without the consent of the owner?

The answer is, that the only way to change ownership of land on the island is to create a transaction signed by the corresponding private key. No other option of changing records exists. Our current understanding of mathematics behind public key cryptography has not yet discovered even a theoretical way of calculating the corresponding private key to a public identification number and there certainly is no practical way of doing it (readers familiar with quantum computers would object, but for simplicity we will not include this topic here). As a result, the only way of making a valid transaction signed with the correct private key is to know the key in advance. No attacker can guess, calculate or otherwise derive the private key from the public identification number (Bitcoin address) alone.

address-lock

The only way of changing ownership of this piece of land on the Bitcoin island is to know the corresponding private key. There is no way to guess or derive the private key from the Bitcoin address, so the Bitcoin island as such is 100% secure.

That being said, the records on the Bitcoin island are completely secure and cannot be hacked or modified by people in authority. The security problem lies in storage of the private key itself. As we have said the private key is just a long prime number used for calculating signatures. Software calculating signatures must have access to the key and it is precisely here where the attack can happen. If land owners store their private key on their computers, cellphones or online services, there always exists a theoretical way of hacking these devices and stealing the private key.

The free market has introduced a solution to this problem in form of specialized single purpose computers whose only task is to store the private key in a secure manner and make it impossible for attackers to extract it out. These computers are called “Bitcoin hardware wallets” (the first and most famous one being Trezor). Hardware wallets introduce multiple layers of security best practices that make online / hacker attacks impossible and the only imaginable attacks scenarios (think Mission Impossible style operations) so expensive they can never be profitable in the real world. As a result, Bitcoin island in combination with the right hardware offers a much greater degree of security to land owners than any other system in the world, including the banks or any information / record storage services.

It is important to add that even storage of private keys on a cellphone or computer can be very secure for appropriate amounts of wealth. Each attack on a computer / cellphone comes at a cost to the attacker. If the private keys kept on such devices only provide access to relatively small amounts of land on the Bitcoin island, they don’t make any attack attempts worthwhile or profitable. The key is to determine how much wealth should be controlled by private keys stored on relatively less secure devices and making sure any amount greater than that is controlled by super secure hardware wallets.

The last thing we will say about security is that most of successful thefts of private keys were a result of user negligence or incompetence in storing the private key. Almost all of the big attacks were successful because owners kept their private keys out of their direct control on centralized web services (email, Bitcoin exchanges or other Bitcoin service providers, etc.) which are controlled by other people and at the same time pose as highly tempting and profitable targets for hackers. The golden rule of owning bitcoins / storing private keys is: always make sure you are the only person with access to the private key, while always storing private keys to relevant amounts of bitcoin on a secure hardware wallet. Bitcoin owners following this simple rule will never be victims of security problems.

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s