Bitcoin Bolt

One of the key requirements for the Bitcoin network to be secure is that mining, the distributed process in which the network processes and secures transactions, must be decentralized; that is to say, there should be no single individual or entity with more than 50% of the computing power of the entire network. If the condition is not met, then Bitcoin essentially collapses into a less efficient model of a centralized database, where the majority shareholder can unilaterally block and even reverse transactions at will. Most of the time in Bitcoin’s history, this condition has been met; although miners do organize themselves into centralized groups known as pools, there have been a wide array of pools to choose from, and usually no single one has had more than a quarter of the network’s power. Over the past few months, however, a new mining pool has emerged that has come to be a serious threat to this status quo: GHASH.io. The mining pool’s hashpower first increased to 30%, then 40%, and now the situation has hit a peak where the pool controls an impressive 45% of the network – just shy of the 50% needed for Bitcoin to turn into a system of de-facto centralized trust.

What Is Mining?

In order to understand what is going on here, it is important to first understand the concept of mining, and specifically mining pools. The purpose of the Bitcoin network is to maintain a decentralized database of what the balances of all of the accounts in the Bitcoin system are; the way that it does so is by releasing a series of “blocks”, with one new block coming out every ten minutes and containing all of the transactions that have taken place during that time. Each block builds on top of the previous block, and the idea is that once a transaction is deep enough in the “blockchain” it becomes very hard to reverse, since an attacker would need to start from the block before the one containing the transaction and then outpace the rest of the network combined from there. Miners are the ones who release these blocks; every time a miner does a round of the mining computation there is a roughly 1 in 10¹⁹ chance that the miner will succeed, create the next block, and get a 25 BTC reward. Anyone with computing power can download a Bitcoin mining software package and become a miner, although in practice specialized hardware is also required. Because of this random mechanism, the chance that a miner will mine a block within a given timeframe is almost exactly proportional to the miner’s computing power.

However, there is one problem with this setup: the 25 BTC reward is extremely rare, and most small miners, if left to mine on their own, would never discover any blocks at all. Mining pools fix this in the following way. Instead of a miner mining for themselves, the miner mines for the mining pool. In exchange, if a miner discovers a block that is almost valid (say, such that 1 in 10000 “almost valid” blocks are actually valid), the mining pool pays the miner 25 BTC divided by 10000, minus a small fee. Because the process is random, miners cannot cheat; they can either mine for themselves, and have a 1 in 10¹⁹ chance of getting 25 BTC, or they can try to generate blocks that give the mining pool the reward instead, and then every time they run the computation they have a 1 in 10¹⁴ chance of being eligible for, say, a 0.0024 BTC reward from the miner assuming a 4% fee. Like an inverted gambling site, the mining pool uses its large size to absorb the randomness of the mining process and ensure for its users a more even reward.

The Problem

Throughout much of Bitcoin’s history, even with the centralization of mining pools, mining has been fairly decentralized. The picture on the right shows the mining pool distribution in June 2012, with a large array of pools where no single one owns more than about 15% of the total network hashpower. Now, however, a single mining pool, GHASH.io, controls roughly 40% hashpower, and the next largest, BTC Guild, controls about 25%. That is to say, if GHASH.io and BTC Guild merged, they together would have a high degree of control over the Bitcoin network. They would not be able to do everything; they cannot, for example, force a transaction from A to B without A’s signature. However, they can block or reverse transactions at will. Even with only 40%, GHASH.io can reverse transactions with some success; by the simple laws of randomness, a mining pool with 40% hashpower will occasionally seem to have over 50% hashpower for a few hours at a time; in fact, there have been instances where GHASH mined six blocks in a row. And this worry is not just theoretical; there is some evidence that GHASH.io is actually being used to attack gambling sites, which are more vulnerable to this kind of attack than merchants because they have no ability to simply cancel an order if the associated transaction gets reversed.

GHASH.io is also interesting because it is affiliated with CEX.io, a site that sells what is known as “mining contracts”. Right now, nearly all Bitcoin mining is done with specialized hardware, which users buy from Bitcoin mining hardware manufacturers and then run at home. But this setup is not optimal; it is possible to save on shipping costs by never actually shipping the miners, and instead keeping the miners in house and letting the users configure them remotely. From there, one can go a step further: not require users to bother with the concept of “Bitcoin miners” and simply sell them “hashpower”; that is, users can pay 0.04 BTC, put in a Bitcoin address, and receive the revenue from 1 gigahash (ie. 1 billion rounds of mining computation per second) of mining power directly, with no need to think about any of the details of what is actually going on. This is what a mining contract is, and users are increasingly opting to purchase these contracts from CEX instead of bothering to configure their own miners. And as a result GHASH’s market share is rapidly increasing.

The Solutions

Given that this is a threat to the most fundamental security assumption behind the Bitcoin network, the next question is: what do we do about it? Fortunately, there are several solutions. The first, and most obvious, is to support decentralized mining pools. Decentralized mining pools serve the same function as regular mining pools, but use their own blockchain instead of a centralized mining service to reward miners. The most advanced decentralized mining pool is p2pool, and is relatively easy to setup.

The process is as follows:

1. Install any Bitcoin miner (eg. bfgminer)
2. Point the miner to P2Pool and start running. In bfgminer’s case, the command line instruction is bfgminer -o http://p2pool.org:9332 -u address -p password, where address should be replaced by your Bitcoin address and password can literally be kept as “password”.

Even if P2Pool hits 51% market share, it will not be able to actually block or reverse transactions, since the mining pool is decentralized and so its power is vested in the network as a whole. However, p2pool has two weaknesses. First of all, because p2pool is its own blockchain, it consumes significant resources, making it difficult to install on many computers. Second, even with the setup guide described above, it may not be easy-to-use enough. What is needed is for someone to make a one-click script that installs bfgminer, configures bfgminer, installs p2pool and installs a command line application and a graphical user interface that simply accepts a Bitcoin address and starts mining.

Given P2Pool’s inefficiencies, another solution is to improve the state of centralized mining pools. This can be done in two ways. First of all, someone can write a software package and release it as open source that essentially allows anyone to run their own top-quality mining pool. In the world of virtual private server hosting, for example, such a software package already exists: HyperVM. As a result, we see hundreds of small VPS providers all competing to provide the best and most high-quality possible service, and costs are coming down fast; Microtronix, for example, is now providing a basic 128 MB server for as little as $11 per year. If a similar, high-quality package existed for mining pools, anyone would be able to set up their own mining pool and we could have a much more diverse mining pool ecosystem even without P2Pool.

Second, there is a protocol knows as getblocktemplate where, instead of miners simply mining whatever the mining pool tells them to mine, miners themselves come up with the next block. When a miner tries to claim a reward for an almost valid block (or “share”), the mining pool checks if the block reward went to the pool and if it did pays the reward to the miner. Note that, once again, miners cannot cheat; the miner needs to decide whether the block will pay to themselves or to the pool before making an attempted mining round, so it’s not possible to simultaneously claim shares from the pool and claim the full reward from blocks that are actually valid. However, the problem here is the same as with p2pool: miners need to have an actual Bitcoin node running, which consumes resources and has its own setup costs.

Finally, there is another solution, which looks at a specific piece of the puzzle: CEX.io. Theoretically, CEX.io, because it by itself has enough hashpower that its block rewards are fairly even, should be solo mining and not cooperating with a pool. In practice, however, this will not happen. The reason, provided in an official post by CEX itself, is this:

In October the development of the “GHash.IO” project was transferred to the CEX.IO development team.
The team worked hard to completely rewrite the whole GHash.IO engine, as well as perform other stability and responsiveness improvements, which you all may have noticed.
We have also removed the 3% fee and released merged-mining alt coins to the miners.

Thus, CEX is working very closely with GHash, and has no reason to abandon it. The solution here is thus the same as the first solution suggested for centralized mining pools: create an open-source software package that lets anyone create their own equivalent of CEX, and thereby quickly outcompete it.

GHASH.io also has the power to solve this problem themselves; all they need to do, right now, is double their fees for all users, and set the fee to automatically adjust upwards again if the pool’s hashpower exceeds 33%. The solution will make the Bitcoin community happy because the pool’s hashpower will decrease to a more reasonable percentage, and it will likely even increase GHASH.io’s revenue at the same time.

Finally, for the average user, there is the more extreme option of switching to another currency. Litecoin, for example, is very similar to Bitcoin, but its developers are working very hard at making it p2pool-friendly. Peercoin and Nxt use an alternative mining mechanism called “proof of stake” where users “mine” with money rather than computing power; although this alternative mechanism is relatively unproven, it is extremely promising because it is essentially impossible to set up a mining pool with it.

However, ultimately for now the simplest solution may be the one that works: simply boycott GHASH.io. The solution worked in 2011, when Deepbit threatened to pass 50% mining power several times and was rapidly struck down by an organized boycott each time, and may well work now. GHASH’s mining power is down to 38% already, and hopefully will decrease further as users move off to other pools such as Slush, Deepbit (now only at 3%) and of course P2Pool. But in the long term, especially as more profit-motivated players that are not themselves heavily invested in the Bitcoin currency and community join the scene, we may need another solution. There have been several efforts to set up bounties for some of the above solutions; if someone contacts us with a well-organized, community-supported and credible effort we will link to it here. Otherwise, the problem we have today will eventually pass, but it will not be the last time that something like this happens.

The post Mining Pool Centralization At Crisis Levels appeared first on Bitcoin Magazine.

The world’s first insured bitcoin storage service has launched in the UK, with insurance underwritten by Lloyd’s of London.

Named Elliptic Vault, the service uses advanced “deep cold storage” techniques to secure its customers’ bitcoins. Deep cold storage involves the use of both strong encryption and secure physical locations.

Tom Robinson, co-founder of Elliptic, which is based in London, said:

“Securing your bitcoins involves implementing advanced encryption and even then you are still at risk of losing them. Elliptic Vault secures your bitcoins for you and is insured against theft or loss, so our customers can have peace of mind that their bitcoins are safe.”

Demand for security

Within the past week, the price of bitcoin peaked at over $1,020. Given that the price was only £125 just three months ago, many people have amassed something of a bitcoin fortune.

Unfortunately, there have been a number of instances recently of people losing their bitcoins, either due to human error, or the interference of criminals.

In November, for example, James Howells from Wales realised he had sent $6.5m worth of bitcoins to landfill after throwing out a computer hardrive that contained the wallet files and private keys required to access his coins.

“We are providing a service that will give people peace of mind that their bitcoins are safe and secure.”

Other bitcoiners have seen their digital currency hoards disappear due to hackers breaking into the wallet services they use. In early November, Inputs.io suffered two hacks, which saw 4,100 BTC emptied from user wallets. Following such developments, many people are anxious to find somewhere secure to store their bitcoins.

“We know a lot of people are concerned about the security of their bitcoin holdings,” said Robinson. ”We are providing a service that will give people peace of mind that their bitcoins are safe and secure,” he added.

Currently, the service is aimed at those with a relatively large collection of bitcoins, with the minimum level of cover set at £5,000. However, Robinson said his company is aiming to reduce this as the product evolves.

Insurance partner

Robinson said that, as a bitcoin company, Elliptic found it difficult to find an insurance underwriter to work with.

“Insurance is a conservative industry, where relationships matter. It took a lot of time, but we are now working with an underwriter that understands and is comfortable with bitcoin,” he explained.

Lloyd’s of London is a UK-based corporate body that was founded in 1688. It made a pre-tax profit of £2.77bn on £25.5bn of gross written premiums in 2012 offering insurance, reinsurance, and now life assurance.

CoinDesk has seen Elliptic’s Lloyds of London insurance certificate, so can confirm it exists, but can’t vouch for its authenticity or applicability.

Customers can choose the level of bitcoin insurance they require, specified in pounds sterling (although this service is available to those based both in and outside the UK). Users pay an annual rate of 2%, which is paid in bitcoin, in monthly instalments at the end of each month.

The insurance offered covers loss of bitcoins, whether caused by any negligence by Elliptic or due to theft by a third party.

If users have to make a claim, their bitcoins would be valued at the time of the claim, using the BTC/USD exchange rate on Bitstamp, and the GBP/USD exchange rate. Elliptic said it uses the BTC/USD exchange rate (rather than BTC/GBP), as the US bitcoin exchange market is the most liquid.

Previous life

Robinson worked for some time on UK-based virtual currency exchange BitPrice, but was unable to bring the company to launch due to difficulties on finding a UK banking partner willing to go anywhere near a bitcoin exchange.

He has now changed the business model and rebranded the company as Elliptic. Elliptic Vault is the company’s first product, but it hopes to expand to offer a number of virtual currency-related services.

A statement on the Elliptic site reads:

“Thank you for your support for BitPrice and of our mission to establish a fully-regulated digital currency exchange. We sincerely hope you’ll continue to support us as we move forward with a new name and new services. While an exchange is not Elliptic’s first service, we remain committed to achieving this goal.

Together with the digital currency community we continue to actively work with regulators and government, to ensure a sustainable future for digital currencies, both in the UK and globally.”

Robinson said he wants to create a “suite” of services that make digital currencies easier to use, more secure and more powerful.

This article should not be viewed as an endorsement of Elliptic Vault, please do your own research before considering investing any funds in this service.

UPDATED on 9th January at 18:11 (GMT)

Bitcoin miners around the world are starting to leave the Ghash.io bitcoin pool following a significant increase in the pool’s hash share.

According to Blockchain.info, Ghash.io accounted for more than 42% of bitcoin mining power a day ago, but over the past 24 hours its share has dropped to 38%.

The fact that a single pool has such a high share has prompted some bitcoin miners to voice their concerns on social media and the mining community is starting to take notice. If a single entity ends up controlling more than 50% of the network’s computing power, it could – theoretically – wreak havoc on the whole network.

Bad maths

A so-called “51% attack” could, in theory, allow the attacker to reverse transactions, make double-spend transactions, prevent confirmations or even prevent other miners from mining valid blocks. It would corrupt the blockchain and render the whole system unsafe. However, this it is all speculative – as it has never been done before.

In theory, the potential attack would work if the attacker managed to gain control of more than 50% of the network’s computing power. However, even with 40%, an attacker would stand a good chance of overcoming 6-deep confirmed transactions.

If such an attack was to be carried out, the damage would be irreparable.

CEX.io moves to reassure community

CEX.io, the owner of Ghash.io, has come under criticism for its failure to address the concerns. Many miners and bitcoin enthusiasts are urging fellow miners to leave the pool, but so far it does not appear that many of them are ready to heed the warning. Ghash.io has a somewhat chequered track record, as it was used in a double-spend attack last year. However, CEX.io insists that it had no affiliation with the attack and that it condemns such actions, as they harm the bitcoin network.

CEX.io rewrote the Ghash.io engine after it gained control of the platform. Earlier this year CEX.io said it would do “everything possible to prevent pool capacity manipulation in the future.”

This afternoon CEX.io issued a statement in an effort to reassure miners and investors:

“Although the increase of hash-power in the pool is considered to be a good thing, reaching 51% of all hashing power is serious threat to the bitcoin community. Ghash.io will take all necessary precautions to prevent reaching 51% of all hashing power, in order to maintain stability of the bitcoin network.”

Ghash.io insists that it has put in place a plan to ensure that it never crosses the 51% mark. It will temporarily stop accepting new independent mining facilities to the pool and it will implement a feature allowing existing users to mine bitcoins from other pools, allowing them to use CEX.io hardware in the pool of their choosing.

Ghash.io insists that it does not have any intentions of executing a 51% attack, as it would do serious damage to the Bitcoin community, and the company itself. To the contrary, they want to expand bitcoin community and utilise the hashing power to develop a greater bitcoin economic structure. Ghash.io goes on to say that it “sees no benefit” in having a 51% stake in mining.

Preventing 51% attacks

There are a number of ways to eliminate threat of 51% attacks, although technically speaking they should be called 50%+1 attacks. Miner boycotts are proven to work, but they cannot be relied upon all the time. Calls to pull out of Ghash.io seem to be working and it is already back to 38%, down from 42% less than a day ago.

Bitcoin developer Vitalik Buterin told CoinDesk:

“We don’t need a public service announcement warning people not to join CEX.io; we need a PSA telling CEX.io to solo mine. No one with over 5% hashpower (arguably even 1%) should be doing anything but solo mining.”

Buterin argues that the best way of going about it would be to create a one-click application that installs a miner, then installs the peer-to-peer mining pool and a simple user interface. The application should be cross-platform, covering Windows, Mac and major Linux distributions.

Following this, a simple software package that would allow users to create their own mining pools should be developed and released as an open-source project. This way, anyone would be able to start a centralized mining pool capable of competing with big pools like Ghash.io.

People should then contribute bounties to both, Buterin argues. “If I see a credible effort, I would throw in a few hundred dollars myself,” he added.

Buterin is not alone. Quite a few miners seem to believe that a true cross-platform open-source executable that allows peer-to-peer mining is the way to go. One Reddit user is offering 10 BTC to anyone who develops such a solution, or an open-source pool that allows connections to existing mining platforms, with a peer-to-peer backend system.

Mining Image via Shutterstock 

If you still can’t figure out what the heck a bitcoin is, this simple explanation for a five-year-old may help you …

We’re sitting on a park bench. It’s a great day. I have one apple with me, I give it to you.

You now have one apple and I have zero. That was simple, right?

Let’s look closely at what happened:

My apple was physically put into your hand. You know it happened. I was there, you were there – you touched it.

We didn’t need a third person there to help us make the transfer. We didn’t need to pull in Uncle Tommy (who’s a famous judge) to sit with us on the bench and confirm that the apple went from me to you.

The apple’s yours! I can’t give you another apple because I don’t have any left. I can’t control it anymore. The apple left my possession completely. You have full control over that apple now. You can give it to your friend if you want, and then that friend can give it to his friend, and so on.

So that’s what an in-person exchange looks like. I guess it’s really the same, whether I’m giving you a banana, a book, a quarter, or a dollar bill …

But I’m getting ahead of myself.

Back to apples!

Now, let’s say I have one digital apple. Here, I’ll give you my digital apple. Ah! Now it gets interesting.

How do you know that digital apple which used to be mine, is now yours, and only yours? Think about it for a second. It’s more complicated, right? How do you know that I didn’t send that apple to Uncle Tommy as an email attachment first? Or your friend Joe? Or my friend Lisa too?

Maybe I made a couple of copies of that digital apple on my computer. Maybe I put it up on the internet and one million people downloaded it.

As you see, this digital exchange is a bit of a problem. Sending digital apples doesn’t look like sending physical apples.

Some brainy computer scientists actually have a name for this problem: it’s called the double-spending problem. But don’t worry about it. All you need to know is that it’s confused them for quite some time and they’ve never solved it. Until now.

But let’s try to think of a solution on our own.

Ledgers

Maybe these digital apples need to be tracked in a ledger. It’s basically a book where you track all transactions  –  an accounting book.

This ledger, since it’s digital, needs to live in its own world and have someone in charge of it.

Just like World of Warcraft, say. Blizzard, the guys who created the online game, have a “digital ledger” of all the rare flaming fire swords that exist in their system. So, cool, someone like them could keep track of our digital apples. Awesome  –  we solved it!

Problems

There’s a bit of a problem though:

1) What if some guy over at Blizzard created more? He could just add a couple of digital apples to his balance whenever he wants!

2) It’s not the same as when we were on the bench that day. It was just you and me then. Going through Blizzard is like pulling in Uncle Tommy (a third-party) out of court (did I mention he’s a famous judge?) for all our park bench transactions. How can I just hand over my digital apple to you in the usual way?

Is there any way to closely replicate our park bench transaction digitally? Seems kinda tough …

The Solution

What if we gave this ledger  to everybody? Instead of the ledger living on a Blizzard computer, it’ll live in everybody’s computers. All the transactions that have ever happened, from all time, in digital apples, will be recorded in it.

You can’t cheat it. I can’t send you digital apples I don’t have, because then it wouldn’t sync up with everybody else in the system. It’d be a tough system to beat. Especially if it got really big.

Plus, it’s not controlled by one person, so I know there’s no one that can just decide to give himself more digital apples. The rules of the system were already defined at the beginning.

And the code and rules are open source – kinda like the software used in your mom’s Android phone. Or kinda like Wikipedia. It’s there for smart people to maintain, secure, improve, and check.

You could participate in this network too – updating the ledger and making sure it all checks out. For the trouble, you could get like 25 digital apples as a reward. In fact, that’s the only way to create more digital apples in the system.

I simplified quite a bit … But that system I explained exists. It’s called the Bitcoin protocol. And those digital apples are the bitcoins within the system. Fancy! So, did you see what happened?

What does the public ledger enable?

1) It’s open source, remember? The total number of apples was defined in the public ledger at the beginning. I know the exact amount that exists. Within the system, I know they are limited (scarce).

2) When I make an exchange I now know that digital apple certifiably left my possession and is now completely yours. I used to not be able to say that about digital things. It will be updated and verified by the public ledger.

3) Because it’s a public ledger, I didn’t need Uncle Tommy (third-party) to make sure I didn’t cheat, or make extra copies for myself, or send apples twice, or thrice…

Within the system, the exchange of a digital apple is now just like the exchange of a physical one. It’s now as good as seeing a physical apple leave my hand and drop into your pocket. Just like on the park bench, the exchange involved two people only. You and me , we didn’t need Uncle Tommy there to make it valid.

In other words, it behaves like a physical object.

But you know what’s cool? It’s still digital.

We can now deal with 1,000 apples, or 1 million apples, or even .0000001 apples. I can send it with a click of a button, and I can still drop it in your digital pocket if I was in Nicaragua and you were all the way in New York.

I can even make other digital things ride on top of these digital apples! It’s digital after all. Maybe I can attach some text on it – a digital note. Or maybe I can attach more important things; like say a contract, or a stock certificate, or an ID card …

So this is great! How should we treat or value these “digital apples”? They’re quite useful aren’t they?

Well, a lot of people are arguing over it now. There’s debate between this and that economic school, between politicians, between programmers. Don’t listen to all of them though. Some people are smart; some are misinformed. Some say the system is worth a lot; some say it’s actually worth zero. Some guy actually put a hard number on it: $1,300 per apple. Some say it’s digital gold; some say it’s a currency. Others say they’re just like tulips. Some people say it’ll change the world; some say it’s just a fad.

I have my own opinion about it, but that’s a story for another time.

Hey kid, you now know more about Bitcoin than most.

Originally posted on Medium

In this age of hacks and scandals, are passwords really capable of protecting your bitcoins?

Each bitcoin address has a corresponding private key, which enables the owner to spend the bitcoins in it, but this private key also needs protecting.

The private key for your public bitcoin address is crucial, because without it, you will lose access to your coins. You can’t keep this key in your head, though, because it’s a long string of alphanumeric gibberish, which is rather impractical to memorise.

Some people protect their bitcoins by storing them in paper wallets, embedding them in a printed QR code that can be scanned when necessary. That’s a good option, but it leaves the private key physically vulnerable to theft, fire, or coffee.

Another option is to use encrypted passwords, a capability that some bitcoin wallets include. Passwords can also be used to protect other important bitcoin-related assets, such as accounts on an exchange. However, the problem here is that passwords aren’t that secure either: they’re often far easier to crack than you’d expect.

Memorable information

Password cracking software uses dictionary attacks to access passwords by brute force, by trying millions of combinations of known words. Thus, it’s naive to use “password”, “12345”, or the name of your dog as your password – someone, somewhere, will probably have that on a list, unless your dog happens to be called “8%tRuiy0P” rather than “Buffy”.

This Ars Technica article walks through how relatively talentless password crackers can use dictionaries to try and pieces together user passphrases.

But wait – your online exchange or web wallet encrypts your password, so you’re already protected, right?

Don’t be so sure. Many applications that store a password will use what’s known as a hashing function, passing the password through a mathematical calculation to produce a string of characters known as a hash. The software then stores that hash.

“Passwords are the democracy of authentication technologies – they’re the worst thing available, except for everything else.”

Whenever anyone tries to gain access to something by entering a password, (say, a bitcoin private key, or an account on an exchange), the software runs the password through the same hashing function, and then compares the string produced with the string that was originally stored.

No two passwords would produce the same hash – so, theoretically, only people with access to the password could produce a match.

However, as a particular password will always produce the same hash, password crackers can simply hash all of the words in their dictionaries, to produce what’s known as a rainbow table.

That’s a collection of millions of hashes, cross-referenced to the passwords that produced them. That’s how password thieves like those who stole LinkedIn’s list of hashes could decode the passwords. There are techniques, such as password salting and using longer passwords, that can make this lookup process far more difficult, but it’s still useful for password crackers.

Even the seemingly clever passwords or passphrases that you use to protect your bitcoin wallet can be vulnerable to attack. That idea of using random letters or substituting the number ‘1’ for an ‘l’ or an ‘i’? Forget it. The software has rules for testing against that.

Some more savvy people will use two or three words strung together, perhaps with a number or stray letter thrown in. “Angrybadger1125” sounds like a great password, doesn’t it? “When I was a boy I always wanted to be an astronaut” sounds even better. But these passwords aren’t invincible.

Power and efficiency

The problem, as outlined by the University of Cambridge’s Joseph Bonneau, and cited by security guru Bruce Schneier, is that password cracking today is a function of two things: power, and efficiency.

The first means throwing computing power at something (working harder), while the second involves using more sophisticated word matching models (working smarter).

Some people have even mined websites to try and find special interest-related words and passphrases that can be added to lists, and used to augment those huge dictionaries.

“Passwords are the democracy of authentication technologies – they’re the worst thing available, except for everything else,” says Dan Kaminsky, a security researcher most famous for finding what amounted to a zero-day vulnerability for the whole web in the form of a DNS vulnerability in 2008.

So, if you thought your password stood in the way of your private key and an army of online crooks, think again. But the point is that they’re likely to deter enough people to still make them worthwhile.

“The reality is that passwords are highly likely to actually work in the field, which is why we’re addicted to them,” Kaminsky says.

Mike Hearn, one of bitcoin’s core developers, agrees. He gives an example of wallet-stealing malware that was circulating some time ago.

“Adding password-based wallet encryption put a stop to that – even though, in theory, it shouldn’t work very well. Well-crafted malware can log your keystrokes and steal the password, while weak passwords could be brute-forced.”

He continues: “But in practice, it seems to have raised the bar enough to buy time for the development of stronger techniques, like the Trezor.”

Trezor is a hardware device designed to store a master key for accessing your bitcoin wallet, which never divulges any secrets to the host machine. Hearn hopes that this product, or successors to it, will evolve into more general security tools in future.

“A secure display, CPU and buttons in portable form are exactly what is needed to solve many tricky security issues.”

Kaminsky also agrees that hardware currency being built to protect bitcoin users will be useful for other security problems: “I have nothing I can recommend directly, but I expect that to change in a small number of months,” he says.

Two-factor authentication

Hardware has been used for protection before, of course. Two-factor authentication (something you know, plus something you have) is a mainstay of conventional security.

Biometrics (something you are) have also been used to authenticate people, granting them access to privileged resources. But both of these are now fraught with problems, both related to the NSA.

Reports recently surfaced that Apple’s iOS devices are subject to attack from the NSA, which has developed malware which can be implanted on one of the company’s devices and used to access its internal workings.

It isn’t yet clear whether this would enable an attacker to access the biometric fingerprint information on the latest iPhone, but then, hackers have already compromised this, making it largely moot.

What’s more worrying is that encryption technology developed by RSA is now suspected to be back-doored by the NSA, putting huge swathes of currently-used infrastructure at risk. RSA denies collusion, but it doesn’t bode well for at least some commonly-used forms of 2FA.

“2FA is bigger than RSA,” protests Kaminsky, adding:

“You might as well be asking whether security is over because now we know one security company may or may not have known (we have no idea) they were being used in this manner.”

That’s true, but it begs the question: if RSA was back-doored, who else was the NSA also accessing? And who can we trust with 2FA protection?

“There are several proposals for 2FA, many of them being open source (such as Google’s Authenticator) and so less likely to be hiding a backdoor,” says Sergio Lerner, a security expert and frequent contributor to bitcoin’s security efforts. The software inside Trezor is also open source.

“And if you fear that 2FA is not enough, then you can use 3FA (a token, a OTP smartphone app, and a password)!” he says. This multi-channel, out-of-band authentication is a feature of BitGo’s secure wallet.

Cat and mouse

Security is never a zero-sum game. It’s a constant cat-and-mouse game, between those trying to protect systems, and those trying to break them.

There are alternatives to passwords that can work, but design transparency is key. And passwords are unlikely to go away, meaning that we’re going to have to find a way to try and use them properly.

Schneier has some good advice here. “When I was a boy, I ALWAYS wanted to be an airline pilot” isn’t a great choice, but you can make it into a password unlikely to be in any table, by taking the first letters of the words, as long as the software or online app allows the format that it produces.

“WIwab,IAw2ba@p” should keep them fooled for at least a little longer (don’t use this now – choose your own), but is still easy to recall if you know the phrase that it came from.

If you’re storing enough money in a bitcoin address that it would hurt to lose it, and open source 2FA isn’t available, such precautions seem worth the effort, don’t they?

Padlock image via Shutterstock

A small high-end winery in North Canterbury, New Zealand, is the first wine business in the southern hemisphere to accept bitcoin.

The decision was made to ease transactions for the company’s strong domestic and international customer base.

Pyramid Valley Vineyards produces collectable wines in New Zealand and sees the new currency as a development in line with its innovative approach to the wine business. Just last week, California’s Mondo Cellars winery also embraced bitcoin by selling shares to fund expansion of its operations.

The Rollingdale winery in British Columbia, Canada, has traded bitcoins for bottles since February, and was the first in North America to do so. The Picnic Wine Company in California’s Napa Valley also announced it would accept bitcoin back in April.

Caine Thompson, managing director of Pyramid Valley, explained: “We live in exciting times, and bitcoin is a movement that is gaining huge international traction as a currency that is borderless.”

For a business based in a small and fairly isolated market, that is looking to sell to all parts of the world, a borderless currency has a lot of appeal.

“We’re increasingly getting requests from our international customers to be able to pay with bitcoin, particularly for our exclusive Home Collection wines. They don’t want to be worried about exchange rates and costly transaction fees.”

Thompson said his company had “positioned itself on freedom and ‘outside of the square’ winemaking and thinking,” adding that this matches the kind of “disruptive innovation” taking place in other industries.

“Bitcoin is a logical fit that we need to be a part of. As a company that is increasing our customer base around the world, it makes sense to accept payment in bitcoin, especially when we sell our wines across the globe direct through our website.”

Pyramid Valley began accepting bitcoin on 9th December 2013. Thompson claims results over the holiday period were healthy, both online and in-person via payments with bitcoin smartphone apps.

“We have been surprised with level of interest in bitcoin and the amount of people that are purchasing with bitcoin. In the December period bitcoin sales accounted for 9% of our online sales, which is significant. Transactions are predominantly from New Zealand, with growing purchases each month from offshore customers.

“It’s been a fascinating experience where we have accessed a whole new market of customers who are purchasing with bitcoin who are now huge Pyramid Valley supporters.”

Pyramid Valley Vineyards was established in 2000 by Mike and Claudia Weersing and has quickly become one of New Zealand’s leading and “most provocative” wine producers.

Thompson concluded: “We continually challenge the status quo, push boundaries and the current paradigm. When this is at the core of your culture, it makes for one incredibly exciting company with freedom.”

A Congressional report quietly released last month suggests that bitcoin could be a threat to US monetary policy, and makes the case for continued central banking control.

The report, Bitcoin: Questions, Answers, and Analysis of Legal Issues, was published by the Congressional Research Service, which produces research reports for US policy makers. It argues for the benefits of a single, incumbent currency (the US dollar), for stability.

“If greater use of bitcoin (and other cryptocurrencies) leads to multiple monetary units, these benefits could be threatened, particularly if these new currencies continue to exhibit a high degree of price volatility,” the paper says.

The authors suggest that too much bitcoin usage would lead to a tightening of monetary policy, because it could increase the money supply of US dollars.

This would depend on a couple of factors, though. Firstly, enough people would need to be using bitcoin for it to have an effect. At the moment, the bitcoin economy is highly illiquid, leading to the volatility that we’ve seen in the last year.

Secondly, bitcoins must be used as a currency in their own right. If they are bought into circulation when exchanged for fiat money, and then taken back out of circulation when users ‘cash out’ back into fiat, the effect on the money supply would be small, the authors suggest.

If, however, bitcoins are substituted for dollars on a more systematic, long-term basis, the situation would change, because it would decrease the need to hold dollars, and increase the supply of fiat money. The danger, according to the report, is that this could reduce the demand for dollars, which would affect the rate of circulation. This would confound things for the Federal Reserve, which effects monetary policy by adjusting the banking system’s available dollar reserves.

“In this case, for the Fed to maintain the same degree of monetary accommodation, it would need to undertake a compensating tightening of monetary policy,” the report said. “At a minimum, a substantial use of bitcoins could make the measurement of velocity more uncertain, and judging the appropriate stance of monetary policy uncertain.”

Challenges to widespread adoption

But the paper questions bitcoin’s ability to become a major currency for several reasons. One of these is simply because the dollar is already highly liquid and well established, and so difficult to displace. This isn’t insurmountable, though, it admits.

Serial bitcoin entrepreneur Erik Voorhees says that bitcoin’s outpacing of the dollar is certain.

“It is a better money, and all the guns and violence and central planning the government throws at it cannot stave off the laws of economics,” he says. However, he predicts this displacement happening gradually, from the margins.

Stephen Pair, co-founder and CTO at payment processor BitPay, discounts another of the report’s criticisms of bitcoin: its volatile pricing. The authors say that this makes it more of a speculative instrument than a currency. Although it is an issue, he says that software tools make it easy to hedge exposure.

“What remains to be seen is which national currency will be preferred for use in limiting that exposure.” he says. “So far it is the US dollar, but that could quickly change if another central bank began issuing their currency directly on the bitcoin block chain and facilitated the development of an options market around their currency.”

The paper also perceives another barrier to bitcoin’s widespread adoption as a currency: a deflationary trait, which it says could lead to hoarding. “This possible outcome highlights the likely importance of the economy’s principal currency being elastic, its supply increasing and decreasing to meet the changing needs of the economy, and of the important role of the central bank in implementing such a monetary policy,” it warns.

Voorhees argues that bitcoin simply encourages more careful consumption, incentivizing savings. “Though most publicized economists will wholeheartedly claim this is a fault and calamity of Bitcoin, those of us who understand bitcoin politely disagree,” he adds.

Pair also disagrees with the hoarding argument. “We have data to back it up,” he said. “During the recent increase in value of bitcoin, we saw our daily transaction volumes more than triple. As the value of bitcoin rises, it creates a wealth effect and people begin to spend their bitcoins.”

The report also leaves the door open for prosecuting bitcoin under Counterfeiting Criminal Statutes, and the Stamp Payments Act of 1862, 18 U.S.C. §337 (something which Wired investigates further here), in addition to saying that the Commodity Futures Trading Commission (CFTC) could have the authority to regulate bitcoin. However, while it highlights these as possibilities, it stops short of recommending any such moves.

“If Congress reversed course and no longer wanted to get the benefits of bitcoin while minimizing its risks, the laws that could be used against bitcoin use would have to be stretched, perhaps to the breaking point,” responded the Bitcoin Foundation in a statement.

US Capitol image via Shutterstock