Printing Your Keys — In a Tent

Reassuring customers that you take security seriously

I recently outlined some research which revealed the RSA keys that someone was using on a mobile phone, just by listening to the electromagnetic waves emitted from the phone [here]. We have also shown here that you can pick up encryption keys just by listening to the variations in the power supply. We thus leak information from electromagnetic radiation and from small variations in the power supply. Even sound waves can give away our encryption keys.

So isn’t it annoying when you can’t get a signal in a train? Well, one of the reasons is that you are in a Faraday cage, where your signal will just bounce off the metal skin, and very little of it will get out through the gaps. Have you ever tried to use your mobile phone in an elevator too? You’ll find that your signal strength will be poor, and you’ll struggle to receive calls.

And so it is a well-known technique for law enforcement to use Faraday cages, where they will put a captured mobile phone in a tin foil bag so that it cannot get a remote reset signal. They also have rooms which are lined with a metal layer — a Faraday cage — in order to stop electromagnetic signals getting in, or leaking out.

And so with cryptocurrency the most important part of the whole process is the generation of the initial key pair which will be used to prove the identity of the person. If the private key of Bob’s key pair were to be discovered by Eve, then Eve could sign a transaction with Bob’s private key and transfer money to herself. Many methods are now being used to protect the wallet (which keeps the keys), such as cold storage. Common cold storage methods are the Ledger S Nano and a paper wallet.

Coinbase — a leading cryptocurrency exchange with over 20 million accounts — uses a rather different way to print out the private keys of customers: a tent that is 8 feet across and which has a metallic mesh. This creates a Faraday cage. They also filter the power supply to the tent, so there is no chance of monitoring power fluctuations. The location of the tent is chosen at random each time.

When set up, the tent contains a folding table, a lamp, a printer, and two laptops. One laptop runs Linux and boots from a USB drive. The other is a MacBook, which receives the private key from the other computer and is used to print it out.

The method of printing the keys seems a little over the top, but it is a highly sensitive process to reveal the private key of a user. For Coinbase, it is just part of their culture, and perhaps just there to make sure that their customers know that they are doing things in the best way possible.

Other companies have ways to reassure customers of their security focus. CloudFlare use a random number generator called the Wall of Entropy. It was inspired by an engineer at Silicon Graphics who proposed that fluid movements in lava lamps could be seen as truly random, as it is almost impossible to model the flow. They create the random numbers by taking a photograph of the lamps every few milliseconds, which will be affected by the light outside and people moving around them. These create small changes which are then used to create the random numbers. This creates 16,384 bits of entropy each time.

The concept of using a lava lamp to generate numbers has been around for a while. In 1996, Landon Curt Noll, Robert G. Mende, and Sanjeev Sisodiya at Silicon Graphics defined a patented system called Lavarand (Patent 5,732,138: “Method for seeding a pseudo-random number generator with a cryptographic hash of a digitization of a chaotic system.”). And by 2007 lavarnd even had its own site to generate numbers for its users.
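The seeding idea in the patent title, sketched as an added example that is not Lavarand's or CloudFlare's code. It goes one step beyond the text by mixing the frame digest with operating system entropy; SHA-256, HMAC, the function names and the sample frames are all assumptions made for illustration.

```python
import hashlib
import hmac
import os


def digest_frame(frame: bytes) -> bytes:
    """Condense a digitized frame of the chaotic source into a 32-byte digest."""
    return hashlib.sha256(frame).digest()


def mix_seed(frame_digest: bytes, os_entropy: bytes) -> bytes:
    """HKDF-extract style mixing (HMAC keyed with the OS entropy).
    Assuming HMAC behaves as a PRF, a camera feed that is replayed or
    observed does not make the seed predictable while the OS entropy is secret."""
    return hmac.new(os_entropy, frame_digest, hashlib.sha256).digest()


def expand(seed: bytes, n_bytes: int) -> bytes:
    """Stretch the seed with HMAC-SHA256 in counter mode.
    Simplified generator for illustration, not a full SP 800-90A DRBG."""
    out = b""
    counter = 0
    while len(out) < n_bytes:
        out += hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n_bytes]


def bit_difference(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


# Constructed sample input: a 64x64 greyscale "frame", and the same frame with
# the least significant bit of one pixel flipped (standing in for sensor noise).
FRAME_A = bytes((x * 7 + y * 13) % 256 for y in range(64) for x in range(64))
FRAME_B = bytes([FRAME_A[0] ^ 1]) + FRAME_A[1:]

if __name__ == "__main__":
    d_a, d_b = digest_frame(FRAME_A), digest_frame(FRAME_B)
    print("digest bits changed by one pixel LSB:", bit_difference(d_a, d_b), "of 256")
    seed = mix_seed(d_a, os.urandom(32))
    print("32 output bytes:", expand(seed, 32).hex())
```

The hash is what turns a one-bit change in a frame into a digest that differs in roughly half of its bits, which is why small changes in the lamps or the room are enough to give a fresh seed.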

In London, CloudFlare use a dual pendulum system which hangs one pendulum off another, and whose movements are extremely difficult to predict.

In Singapore they base the generation on radioactive decay, where they have uranium in a glass bell jar. They then use a Geiger counter to measure the release of isotopes over time.