Cryptocurrency is stressful enough. Follow this guide to make sure that your hard-earned coins don’t get hacked.
If all of our cryptocurrencies don’t go to zero one day, we want to make sure that we don’t lose them due to negligence, malicious entities, or a combination of the two. There is a wrong way to secure your cryptocurrencies, and there is a right way to secure your cryptocurrencies. Here is the correct way. This article is written for bitcoin, but the principles apply to other cryptocurrencies.
Like in all of my posts, I enjoy teaching the important security principles involved. Before we delve into threats and protection mechanisms, we’ll cover the general principles that you should be familiar with. You don’t have to learn the bits and the bytes, but a general understanding is important. The principles for this post are asymmetric cryptography (also known as public/private key cryptography), digital signatures, and hashing. Let’s review these quickly.
As the name (“asymmetric”) implies, there are two different keys involved: a public key and a private key. These keys are used to encrypt and decrypt data asymmetrically. If you encrypt data with the private key it can only be decrypted with the public key. Conversely, if you encrypt data with the public key it can only be decrypted with the private key. This is the backbone of many cryptographic schemes, such as SSL/TLS. There is one piece of information that you can put into the world, your public key, and one piece that you must guard until your death, the private key.
A hash of a message, also known as a digest, is calculated based on the contents of a message. A hash is deterministically generated by a hashing algorithm. The input to a hashing algorithm is data of an arbitrary length. The output is a calculated hash of a predefined length. Because it is “deterministic” the same input will provide the same output every time. Mathematically it is easy to go from message to hash, but it is computationally difficult to ascertain an original message from a given hash.
Let’s look at an example. You can put “the quick brown fox jumps over the lazy dog” into any SHA256 hashing program and you’ll get out “05C6E08F1D9FDAFA03147FCB8F82F124C76D2F70E3D989DC8AADB5E7D7450BEC” as the hash. If you change one thing, such as capitalizing a letter, the hash will be different. This is easy to calculate. Try it! However, if I give you a random SHA256 hash such as “A061622278D26D76BBF979566F56F075C483D3473BE8A5D73408D0EABDD867AD” you will be hard-pressed to figure out the original message. We’ll send the first person to comment with the original message a free Trezor Crypto Wallet!
Let’s put these two ideas of asymmetric cryptography and hashing together to understand a digital signature. The purpose of a digital signature is to confirm the integrity of a message, and enforce non-repudiation. Integrity lets you state that “the message received is the same as the message created.” Non-repudiation lets you say that “the message could only have been created by a specific entity”. Digital signatures do not keep messages secret! Without further encryption, digitally signed messages can be read by the world. A digital signature is just used to confirm that the message has integrity, and confirm who created it.
A digital signature is an encrypted hash of a message — it is encrypted using a private key. Anyone with the corresponding public key (e.g. the entire world) can decrypt the digital signature. Decrypting the digital signature with the public key gives you the original hash. Anyone who can read the message can independently calculate the hash of the message on their own. They can compare the independently calculated hash to the decrypted hash and ensure that the hashes are the same. If the hashes match, they’ve confirmed that the message was not altered between creation and reception. They’ve also confirmed that only an entity with the corresponding private key could have digitally signed the message.
So a quick summary of what we’ve learned before we apply that to our beloved currencies (err… securities?):
Pfewww! Now that that’s over let’s apply it to cryptocurrencies. If you’re reading this you probably have an understanding of a distributed ledger, colloquially known as a blockchain. For the uninitiated, a distributed ledger maintains a copy of itself across multiple systems. It creates a decentralized record of all transactions occurring within a given system. With cryptocurrencies you don’t actually own or carry “coins” with you. Instead the blockchain maintains a record of how much cryptocurrency you can transact to and from other entities within the system. Transactions are confirmed using the aforementioned cryptographic principles.
Example BTC Public Address: 19U1nHDXkrbNSzCWTNiKHqLYsHwRHz18jQ
Every cryptocurrency wallet, or cryptowallet is actually a collection of one or more “wallets”. In its purest form, a “wallet” is a private key. From the private key you can create the public key. From the public key you can create public wallet addresses. So a “cryptowallet” is a collection of private keys.
Your wallet addresses are often converted into QR codes that you can easily share with the world. This does not need to be kept secret. In fact, you could put it out into the world (like on your blog) and see if anyone just decides to send you cryptocurrency. You “own” any cryptocurrency sent to your wallet’s addresses. You can then transact your cryptocurrency using your private key.
To transact cryptocurrency you create a transaction. This is public information. A transaction is simply a collection of information that the blockchain needs to move the cryptocurrency. The data that we’re concerned with is the destination address and the amount. Anyone can create a transaction, but a transaction is only accepted into the blockchain if it is confirmed by multiple members of the network. A transaction is not confirmed unless it is valid, and it is not valid unless it is digitally signed by the necessary private key. So, you sign a transaction with your private key. This signed transaction gets pushed to the blockchain, and once confirmed using public key data, becomes a part of the blockchain.
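The signature check described above, and the way it protects a signed transaction, shown as an added example that is not code from the original post. It uses textbook RSA because that matches the "encrypted hash" description in this article; Bitcoin itself signs with ECDSA, and the key, the transaction encoding and the second address below are constructed for illustration only.

```python
import hashlib
import json

# Teaching-only key built from two publicly known Mersenne primes.
# Anyone can factor this modulus, so it offers no security at all.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                                # public modulus
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (the secret)


def digest(message: bytes) -> int:
    """SHA-256 hash of the message as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_exp: int = D) -> int:
    """'Encrypt' the hash with the private key, as the article describes."""
    return pow(digest(message), private_exp, N)


def verify(message: bytes, signature: int) -> bool:
    """Recover the hash with the public key and compare it to our own hash."""
    return pow(signature, E, N) == digest(message)


def encode_tx(destination: str, amount_btc: str) -> bytes:
    """Constructed stand-in for a transaction: destination and amount only."""
    tx = {"to": destination, "amount": amount_btc}
    return json.dumps(tx, sort_keys=True).encode()


def demo() -> dict:
    tx = encode_tx("19U1nHDXkrbNSzCWTNiKHqLYsHwRHz18jQ", "0.5")
    sig = sign(tx)
    # Same transaction with the destination swapped after signing
    # (placeholder string, not a real address).
    redirected = encode_tx("placeholder-address-of-someone-else", "0.5")
    # A signature produced with a wrong private exponent.
    forged = sign(tx, private_exp=D + 2)
    return {
        "original": verify(tx, sig),
        "redirected": verify(redirected, sig),
        "forged": verify(tx, forged),
    }


if __name__ == "__main__":
    print(demo())
```

Only the untouched transaction signed with the real private exponent verifies; changing the destination or signing without the private key both fail, which is why the private key is the thing to protect.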
So your private key should be a closely guarded secret. Any attack against your private key is essentially an attack against your cryptocurrency. An attacker wants to digitally sign transactions, from your addresses to her addresses, using your private keys. Or an attacker may just want to hurt you by destroying your private keys, erasing access to your cryptocurrency. Let’s protect our private keys.
We know what we’re protecting: cryptocurrency. Before we discuss how we’re going to protect our cryptocurrency, let’s identify who we’re protecting it from; who are our specific threat actors? The first threat is losing access to your coins. Since cryptocurrency ledgers do not have a central authority, there is no redress if you lose access to your wallet. Your wallet is a public/private key pair. If you lose this private key you lose your wallet. If you lose your wallet you lose your cryptocurrency. You are your first threat.
The next class of threats is the one we tend to think about and hear about in the news: opportunistic attackers, dedicated attackers, and nation states.
An opportunistic attacker is one that sees your Coinbase wallet open on your laptop and initiates a transaction to their public wallet address. Opportunistic attackers aren’t attacking you specifically, but if you make it easy for them, they won’t turn down a nice stash of coins.
Dedicated attackers range from individual attackers to groups of attackers working together. They will focus on an individual target such as an owner of a significant amount of cryptocurrency, a cryptotrader, or a small trading office. They’ll perform research and often initiate their attack with a spear phishing campaign. Other dedicated attackers take a broader approach and write malware that will try to steal private keys from your system if it gets infected.
Nation states have large, coordinated, and well-sponsored groups of attackers. Their motivation is financial, espionage, or a combination. Proofpoint has a great writeup on the cryptocurrency attacks from the Lazarus Group, an advanced persistent threat sponsored by North Korea.
Who your threats are, based on how much cryptocurrency you control and how much you’re transacting in a given day, determines which risk mitigation steps you need.
If you want to lose all of your cryptocurrency, just throw away all of your access keys. This could look like locking yourself out of your web wallet and losing access to your password reset email address for your web wallet. Or it could look like damaging a paper copy of your private keys. You’re reading this, so you are probably a proactive thinker. Here are some more tips:
If you are a casual cryptocurrency trader your threats probably aren’t that sophisticated. You need to take simple steps to protect yourself. First, consider the main account that you need to protect. It probably is not your Coinbase wallet, or other online wallet accounts. It is likely your email. Your email is used to authorize new devices, reset passwords, and confirm transactions. Your email is the holy grail for an opportunistic attacker. Lock it down and make the attacker look elsewhere.
If you’re actively trading sizeable amounts of cryptocurrency you need to be aware of dedicated attackers. Dedicated attackers are going to research you and launch personalized attacks. They are going to try to phish you and reuse found credentials if your data was compromised in previous breaches. You need to practice defense in depth.
Investing in cryptocurrency is hot right now. Stealing cryptocurrency is just as hot. Threat actors take advantage of the public’s limited understanding of the underlying technical principles of cryptocurrency. Reading this is the first step to tipping the scales back in your direction. These are best practices, and your personal use cases will dictate what is actually realistic.
If you’re an active trader, you might not have time to do full multisig cold storage. But, you probably do not want to hold the private keys to hundreds of thousands of dollars worth of cryptocurrency on a personal, Internet-connected laptop. You have to find a balance that works for you. The most likely setup is a combination. You’ll maintain a small operating amount in a web or desktop wallet, and move larger chunks into cold storage. Whatever you choose, think critically about your threats and ensure that you aren’t the reason that your cryptocurrencies suddenly vanish. Because when they’re gone, they’re gone.
Thank you to Elpsy for assistance with this article. If you have questions or comments please leave them below. If you found it helpful please clap and subscribe.
This is a post from Isaiah Sarju of Revis Solutions. If you like this post be sure to clap, check out his other posts on the Revis Solutions Blog, and follow on Twitter @isaiahsarju, @revissolution