Protecting your bitcoin with BitKey

Key to the Bitcoin Safe

Article from Issue 205/2017
Author(s):

Bitcoin is the king of cryptocurrencies, which makes it attractive prey for Internet predators. BitKey is a Live Linux distribution designed to ensure that your Bitcoin wallet stays protected.

Bitcoin [1] is an innovative form of currency that exists only in cyberspace. The Bitcoin monetary system is designed to allow people to pay each other over the Internet, without the need for intermediaries such as banks. An easy way to understand how it works is to imagine that the Bitcoin network is a big, public accounting book that is maintained and closely watched by all of its members. The book contains information about who has how many bitcoin and who transfers bitcoin to whom. Each bitcoin owner has a set of public and private keys that are used to write operations to the book. Thus, somebody who owns bitcoin can send them to another person just by writing that he is doing so in the accounting book and signing the operation with a private key.

This model is an extreme simplification, but it helps to understand that each bitcoin is not a piece of code, or a file, or something with its own entity. In fact, bitcoin only exist as a reference in a public registry that states that a certain user has a certain amount of them. In reality, that user does not have the bitcoin stored anywhere. All the user has is a set of public and private keys that allow changes to the registry in order to spend or receive money.

The Security Problem

Most desktop Bitcoin wallets are programs that manage the user's keys, allowing the user to manage digital money in a user-friendly way. However, most users keep their wallet software running in computers that are connected to the Internet and are not necessarily very secure. If an online computer is infected by a piece of malware that allows an attacker to steal the private keys stored in that computer, the attacker would then gain access to the money.

Most popular Bitcoin wallets offer basic security features, such as password encryption. However, since many wallets are used to store very large amounts of money, those features are often not enough to stop a determined attacker. Security-minded users often keep their private key material in machines that are never connected to the Internet, or print the keys and store them as paper copies in order to protect them from black-hat crackers. The operational security procedures required to receive and spend bitcoin under these circumstances are extremely cumbersome.

Enter BitKey

BitKey [2] is an attempt to make it easier to follow proper operational security procedures when using bitcoin. BitKey is a Live Linux distribution that includes all the basic tools a Bitcoin power-user might need for such a purpose, and nothing more. At least, that is the theory.

As of July of 2017, the latest BitKey version is 14.2.0, and it is offered as a hybrid ISO download. After you burn the ISO to a CD or install it on a USB flash drive, you can boot BitKey as a live system. BitKey loads itself fully into the computer's RAM memory, allowing you to remove the boot media afterwards.

The boot menu prompts you for a boot mode. BitKey supports three modes of operation. The simplest, and also the least secure, is hot-online mode. In hot-online mode, which is not recommended for real-world scenarios, BitKey behaves much as any regular live operating system with a set of Bitcoin tools installed.

The remaining modes are the ones used for proper operational security procedures (Table 1). Cold-offline mode is used for creating and managing private keys in secure, air-gapped computers. Cold-online mode is used for performing operations with public keys using Internet-enabled computers. The recommended scenario for using BitKey is to have two computers; one offline for signing operations, running in cold-offline mode; and one for interfacing with the Bitcoin network, running in cold-online mode without private keys. I will call the first machine Safe and the second machine Unsafe.

Table 1

BitKey Boot Modes

BitKey Boot Mode

Uses

Security Level

Hot-online

Create wallets, watch wallets, perform transactions

Low

Cold-offline

Create wallets, sign transactions

High

Cold-online

Watch wallets, create unsigned transactions

High

The user can check the current account balance from the Unsafe machine. The Unsafe machine is also used for generating unsigned transactions. An unsigned transaction is just an instruction for the Bitcoin network to transfer funds belonging to you to somebody else, but such an instruction has not been signed with the masker keys yet or sent to the network. An unsigned transaction must be copied over to the Safe system and signed for it to be valid.

The Safe system is used to sign the unsigned transactions generated from the Unsafe machine. The signed transactions are copied over to the Unsafe system and then sent to the network, making them effective. Since the Safe machine is air-gapped, compromising it is not trivial, and the effects of an actual infection are less dangerous. It would be harder for a malicious program to deliver information to an attacker from a computer that has no working Internet connection.

Setting Everything Up

If what you have read so far sounds too complex, don't worry: It is not just you. It sounds complex because it is. The question is: How does all of this work in practice?

BitKey includes Electrum [3] as its main Bitcoin client. Although the reference Bitcoin client requires the user to download the whole blockchain, which is actually all the data existing in the accounting book and takes up lots of gigabytes, Electrum delegates to third-party servers in order to avoid downloading so much information. The Electrum client only downloads the parts of the blockchain that are needed, which allows the user to get started more quickly than the reference Bitcoin program. Electrum has many other interesting features, such as its integrated cold storage support [4].

The first step to get started with BitKey and Electrum is to boot your Safe machine in cold-offline mode (Figure 1) and create a wallet, which will be stored in a safe flash drive. I will call this flash drive Blue from now on. The Blue storage will contain the private keys. Therefore, it must never be attached to a system connected to the Internet – or to any untrusted system. Putting the flash drive on a network would expose the wallet to the threat of malware. When not in use, the best place for it is in a safe.

Figure 1: After you boot into cold-offline mode, you are greeted with a set of instructions that is not especially helpful without some prior knowledge of the BitKey environment.

In order to create the wallet, attach your empty Blue storage and run Electrum. Electrum will ask you for an encryption passphrase that will be used to protect the data contained in Blue. You will also be asked whether you want to import an existing wallet or create a new one. Hit Create a new wallet and move forward. You will be provided with a key generation seed, which is no more than a very long passphrase that can be used to recreate your whole wallet from scratch if you ever lose it. Either learn it by heart, or write it down. When you click on Next, Electrum will ask you for that very same passphrase (Figure 2). You will also be prompted for an encryption passphrase for your wallet, which is a bit strange because you just provided a passphrase for Blue a few clicks ago. Still, it can only help if your valuable money is protected with double encryption.

Figure 2: Electrum will ask you to reintroduce the generation seed, so make sure that you either learned it or wrote it down.

The second step is to get your Unsafe computer working. Your Safe machine is now up and ready, but since it is not intended to connect to the dangerous den of evil that we call the Internet, you cannot do much with it yet. To perform Internet tasks such as monitoring your account balance, you need to create an online wallet that will contain only your public key material. Such a wallet is called a watch-only wallet.

Attach another flash drive to your Safe machine. This drive will eventually contain your watch-only wallet, and I will call it Black from now on. In Electrum's toolbar, hit Wallet | Master Public Keys. You will see a string that you can save in plain text in the Black storage.

Extract the Black storage from the Safe computer and boot the Unsafe one in cold-online mode. Run Electrum just as you did before. This time, hit Import wallet or import keys, and then paste your master public key (which you saved in plain text in Black) in the Import box. Hit Next and then let Electrum auto-connect to the network. Congratulations, your BitKey configuration is now complete.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Bitmessage

    Forget email: Bitmessage harnesses the power of public key cryptography to create a decentralized, trustless P2P communications protocol. Messages are virtually impossible to spoof or tap.

  • Welcome

    Newsweek’s story uncovering the man they claim is the creator of BitCoin caused plenty of buzz. As this issue goes to press, the guy they fingered has announced he is filing a lawsuit, claiming that the assertions are false. But according to the story, his brother said “He’ll never admit to starting BitCoin.” So who should we believe?

    Many commentators have argued that the story is not sufficiently corroborated and shouldn’t have been printed, which might be true. But the question of the story’s treatment of facts masks another question that is receiving much less attention: Even if the allegations are true, is this really a news story?

  • FOSSPicks

    Graham reviews the best free software, including OBS Studio 20, Green Recorder 3.0, gtop, Bitcoin Core v0.14.2, Natron, Solarus, and more!

  • Welcome

    Law enforcement officers in Japan recently indicted former Mt. Gox CEO Mark Karpelès. The leader of the now-defunct Bitcoin repository has been in custody since June as investigators consider what might have happened to more than $183 million in lost Bitcoin funds.

  • Ask Klaus

    What’s new in Knoppix 7.4?

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News