bitcoin-dev

Overview of anti-covert-channel signing techniques

Original Post by Russell O'Connor

Posted on: March 21, 2020 16:59 UTC

In a discussion on the bitcoin-dev mailing list, Tim Ruffing raises concerns about the security of hardware wallets.

He notes that while malicious signing is a concern, key generation is also an issue. Specifically, the pseudorandom generator (PRG) used to derive the seed from which keys are generated can be manipulated by hardware manufacturers. Ruffing argues that protocols for secure key generation should be deployed before anti-covert-channel signing protocols. Another participant in the discussion points out that public keys are deterministic and can be spot-checked. However, they note that the synthetic nonces proposed in the original conversation are inherently non-deterministic and cannot be spot-checked. They argue that this highlights the importance of anti-covert-channel signing protocols.
