Thursday, June 16, 2011

Bitcoin Wallet Heist

I am not a Bitcoin user, but I have been contemplating becoming one for a long time. Upon hearing of this virtual currency heist, I felt that Bitcoin could do better at securing the physical data files hosted on a user's computer, in addition to its network-based security and transaction integrity.
A suggestion would be to always maintain a password-protected wallet file (wallet.dat) that contains the important cryptographic keys and information about a user. The wallet.dat should be encrypted in all scenarios, and its data should exist in decrypted form only in memory, when the file is read into memory for computation (the user must manually enter a password to decrypt wallet.dat on every use, which provides more security despite the inconvenience). At all times, wallet.dat should exist in encrypted form on disk.
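
The scheme suggested above, sketched as an added example (not code from this post or from the Bitcoin client): the file on disk is always ciphertext, and plaintext exists only in the bytes returned to the caller. All function names are hypothetical. Python's standard library has no AES, so an HMAC-SHA256 counter-mode keystream stands in for the cipher here; a real wallet would use a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, os, tempfile

SALT_LEN, NONCE_LEN, TAG_LEN = 16, 16, 32

def _keys(password: str, salt: bytes):
    # Slow, salted KDF: a stolen file cannot be attacked with cheap guesses.
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000, dklen=64)
    return km[:32], km[32:]                      # (encryption key, MAC key)

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher (assumption of this example): HMAC-SHA256 in counter mode.
    out = bytearray()
    for i in range(0, len(data), 32):
        ctr = (i // 32).to_bytes(8, "big")
        block = hmac.new(key, nonce + ctr, hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(password: str, plaintext: bytes) -> bytes:
    # Fresh salt and nonce on every save, then encrypt-then-MAC over everything.
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = _keys(password, salt)
    body = salt + nonce + _keystream_xor(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(password: str, blob: bytes) -> bytes:
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("wallet file truncated")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    salt, nonce = body[:SALT_LEN], body[SALT_LEN:SALT_LEN + NONCE_LEN]
    enc_key, mac_key = _keys(password, salt)
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # Verify before decrypting; constant-time compare avoids leaking the tag.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or tampered wallet file")
    return _keystream_xor(enc_key, nonce, body[SALT_LEN + NONCE_LEN:])

def save_wallet(path: str, password: str, plaintext: bytes) -> None:
    # Only ciphertext is written; the temp file plus atomic rename means a
    # crash never leaves a half-written wallet.dat behind.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "wb") as f:
        f.write(seal(password, plaintext))
    os.replace(tmp, path)

def load_wallet(path: str, password: str) -> bytes:
    # Decrypted key material is returned in memory and never written to disk.
    with open(path, "rb") as f:
        return unseal(password, f.read())
```

A wrong password and a modified file fail the same way, at the MAC check, before any decryption is attempted.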

To step up security by another level, the wallet.dat could be protected on disk using the BMICS (Project SECFILE) protocol. In the event that a hacker manages to gain access to the user's computer, the BMICS-protected data file on disk (strong encryption and proper procedures must be applied) would add another layer of protection to wallet.dat beyond simply encrypting the file, as fake data can be planted in BMICS file formats to confuse attackers who lack knowledge of the actual keys and algorithms.

