As we reported back in early October, Bitstash is a unique Bitcoin innovation.
Bitstash aims to deliver wallet solutions with two major selling points - one being flawless security, and the other being its ease of use as the device is designed so that even your grandmother can use it. It’s a 3-tier wallet system whose crowdfunding campaign was set to launch on October 22 at Kickstarter. The campaign was supposed to feature the opportunity to preorder Bitstash along in its push raise a funding goal of US$50,000. However, Kickstarter denied the request from Bitstash:
“This product’s explicit purpose is storage and transaction management for virtual currency,” reads the email response from Kickstarter. “This is quite different from a multifunctional device that could be used with a 3rd party banking services. We appreciate what you’re doing but it falls outside of our guidelines around currency processing products and services.”
Trevor called the incident an “unfortunate setback,” but aims to raise funds by looking into a series A investment instead through more traditional channels.
“In order for Bitcoin to gain mass adoption it needs to be as simple as using PayPal, or shopping at Amazon.com. BitStash achieves this, transparently securing Bitcoin transactions.”
- Trevor Murphy
Cointelegraph had the opportunity to discuss the device’s enhanced security in detail with CTO, Trevor Murphy who also shared his thoughts on why he thinks this wallet solution will be key in helping Bitcoin reach the average consumer.
Cointelegraph: Why do you think this 3-tier hardware wallet will facilitate Bitcoin adoption?
Trevor Murphy: Bitcoin today is too difficult for the average consumer to use, and almost too difficult for everyone to secure. Complicated dongles such as the Trezor and Paper wallets, may solve the problem for the dedicated Bitcoin technology geek, but for the vast majority of consumers those solutions will not be acceptable.
Online wallets such as BlockChain.info are very useful, but they put a third party company between you and your Bitcoin, subject to business continuity risks, asset seizures etc. So BitStash brings the power of the industries best practices, AIR GAP device, virus free, private keys never exposed, true cold storage etc. to everyone. Its like having a team of Bitcoin security experts working for you full time.
In order for Bitcoin to gain mass adoption it needs to be as simple as using PayPal, or shopping at Amazon.com. BitStash achieves this, transparently securing Bitcoin transactions. The three tiers of storage are:
A) Cold Storage, stored on doubly encrypted USB drives, it cannot be spent unless plugged into BitStash. This is for long term savings. Keep it in a safe or bank vault.
B) Device/Home wallet. This is on the BitStash itself. Accessed over hardened Bluetooth, it's ultra secure, but accessible from your Desktop & Mobile devices. This is like your checking account. Use it for paying bills, trading, online shopping etc.
C) Mobile wallet. This resides on your phone, as do the private keys, fully encrypted of course. Keep small balances, backed up by the device, here and use them for spending Bitcoin while out of range of BitStash. Importantly you can receive Bitcoin into the Device & Cold Storage wallets using BIP32 generated addresses on your mobile device.
CT: Can you speak a little on the differences between the three different options you’re planning to offer? (BitStash $159.00, BitStash Ultra $199.00, BitStash FIPS $499.00)
TM: BitStash currently is sold in 3 forms BitStash, which has all the features we just talked about. BitStash Ultra adds anti-tamper, self destruct circuitry to protect BitStash from physical theft situations like a kill-switch on a mobile phone. It makes stealing a BitStash pointless.
In addition, BitStash Ultra adds a 6 hour backup battery, allowing you to take your BitStash to your Bank vault for instance and securely move money from your cold storage wallet, without ever exposing it to theft. BitStash FIPS, is BitStash Ultra PLUS FIPS 140-2 level 3 certification. This is a requirement for financial service companies and retail point of sale customers.
CT: What was the reasoning behind the cylindrical design form factor?
TM: Primarily it was designed this way to take up a small amount of desktop / bookshelf space, while still allowing it to be Visible across a room, above the clutter on your desk. The LED on BitStash™ is used in a unique color captcha during transactions, meaning you need to know what color is displayed to complete a transaction. It gives us a physical attribute, to use against malware attacks without requiring people change their shopping habits as in shopping online from the iPad while on the sofa.
CT: What is the LED ring for exactly and how does it improve security?
TM: So one of the issues to deal with in securing Bitcoin is malware on the client device. That is key logging software or viruses designed to record what you are doing and then try and steal your Bitcoin. BitStash has sophisticated technology to prevent against replay attacks, that is capturing messages to BitStash and trying to replay them over and over to repeat more transactions. It also has technology to prevent malware from just automating the front end and entering your password on your behalf. Here a number of things come into play, including the BitStash LED.
If you are using BitStash with just a single registered client device, such as your computer, then in order to spend Bitcoin you not only need to enter your password but also a 4 digit Captcha, generated on BitStash and transmitted over encrypted bluetooth as an image and displayed on your screen. In addition, a color Captcha is used.
You must select the colored square on the screen that most closely resembles the current color of the BitStash LED. Together these two Captcha answers let BitStash know a Human is using the client software, and it will use the entered password to decrypt the keys and sign a transaction.
Now if you have registered a second device, such as a mobile phone, then 2 factor authentication is used. In which case the phone must be authenticated and connected over hardened bluetooth, and then the 4 digit Captcha PLUS the details of the transaction are displayed on the phone, but must be entered physically on the other client device. Additionally, the colored square on the screen that most closely resembles the current color of the BitStash LED must be chosen.
So the LED is an integral part of the authentication process. For color blind people, it can use blinking instead of color. We used this approach so that people did not have to physically interact with BitStash, merely look at it, so they could spend Bitcoin in a similar fashion to the way they shop online today.
CT: Can the Bitstash hardware be physically tampered with if stolen?
TM: BitStash™ comes with a purpose designed anti-tamper case. It’s not possible to access BitStash™ physically without destroying that case. BitStash™ Ultra adds Full Anti-Tamper and Self Destruct features to the hardened case.
Opening the case, drilling it, using power attacks or temperature attacks, trying to short circuit battery etc. all trigger a self destruct feature, which generates a high voltage spike on the internal storage SSD, physically melting the silicon, and making BitStash unusable and the encrypted keys unretrievable.
So this makes the theft of a BitStash pointless for any reason. Your BitStash is of course fully backed up on one or more double encrypted USB drives, so you can rest safe and build a new BitStash quickly and easily from these encrypted USB drives.
CT: What happens to your private keys if the LUKS encrypted USB drive is stolen?
TM: The encrypted USB drives are meant to be stored somewhere safe, like a vault. You can created as many of these backups as you like, and store them in different geographic locations. The drives themselves are LUKS encrypted and cannot be read by anything other than a BitStash™ device.
In addition, all the data on the drives is further encrypted first with the user's password, then with the user's pin. Both of which are PBDKF2 extended 2,000 rounds for additional security. So without your PIN and your Password and a BitStash device, the USB drives themselves are useless.
For the ultimate TIN FOIL hat security, use FIPS 140-2 level 3 certified USB drives, stored in a Faraday bag. Its what we do.
CT: There has been a lot of concern recently with poor randomness generation techniques that can make devices vulnerable to attack. How does Bitstash generate its entropy?
TM: In order to ensure proper random key generation for its BIP32 master seed, BitStash is fed entropy by the client device during its initial configuration process. That entropy is sourced securely in a signed transaction from Random.org, which generates entropy for lotteries and casinos from atmospheric noise. So for each new BitStash, a bunch of random data is pulled from Random.org by the user's desktop or mobile device and pushed into BitStash.
BitStash then shuffles this entropy, mixes it up, using a Mersenne Twister algorithm, and then BitStash slices off 64bytes of it. Then BitStash generates a random 128 bit seed using a PRNG generator and uses that seed plus the 64bytes of entropy from random.org in a PBDKF2 extender to generate a completely random BIP32 master seed.
“[E]avesdropping on bluetooth traffic will reveal nothing, even if both Diffie Hellman keypairs from both devices are captured, they cannot be used to generate the correct AES encryption key to decode further messages.”
- Trevor Murphy
CT: What about Bluetooth vulnerability since it has been shown it can be eavesdropped on if you have a powerful enough Software Defined Radio to scan most of the 2.4GHz spectrum?
TM: BitStash uses what we call a hardened Bluetooth protocol. Custom Bluetooth RFCOMM and GATT services reside on BitStash. Standard Bluetooth simple pairing is used to connect BitStash to the client device. At which point BitStash only responds to 2 messages. 1) a Diffie Hellman key exchange request or 2) an authenticated AES encrypted message body.
So after Bluetooth pairing, a normal client first sends BitStash a new public Diffie Hellman keypair, and BitStash responds to it, allowing both parties to establish a 128 bit AES symmetric key, that is used to encrypt all further messages between them.
So eavesdropping on bluetooth traffic will reveal nothing, even if both Diffie Hellman keypairs from both devices are captured, they cannot be used to generate the correct AES encryption key to decode further messages. Each new connect to BitStash generates a new Key Agreement and new encryption keys.
In addition to the Diffie Hellman key exchange and AES encryption, BitStash goes further. Each message to and from BitStash contains a One Time Use password, generated with an HMAC OTP algorithm using a secret shared on initial device authorization. The messages are then additionally signed by the sending device and verified by the receiving device using public key cryptography and keys that were shared on initial device authorization.
This means that even if the bluetooth traffic is captured, it cannot be replayed to cause an new transaction as the OTP would be incorrect and the signature prevents modifying the message or someone doing a MAN in the MIDDLE attack.
Finally, we mentioned initial setup and authorization, each client device needs to be authorized to access BitStash and gets a unique ID, a unique shared secret for OTP, and unique keys for signing messages. So our hardened Bluetooth protocol ensures that all communication with BitStash is with authenticated devices over a secure channel.
“[L]ong term, for Bitcoin to be successful it needs to be accessible globally by people in all countries, where income levels are substantially different.”
- Trevor Murphy
CT: You’re also planning a similar solution but at a lower price point in the future. Could you speak on this and tell us when it will be available to the public and how much?
TM: Our first go to market device solves for a lot of different use cases, the consumer market, the financial services and exchange markets and indeed Retail Point of sale, with the addition of our NFC chip and HDMI display for bricks and mortar merchants doing Bitcoin transactions and remittance payments.
For most of these use cases, delivering a FIPS certified device - a process that is very expensive and lengthy - is very important. So our first device solves for all these uses cases in a single device that will be FIPS 140-2 level 3 certified. However, long term, for Bitcoin to be successful it needs to be accessible globally by people in all countries, where income levels are substantially different.
Many of these people will not value the FIPS certification as much as they will value a lower price point, so we will eventually build a device for them, that we will not FIPS certify, but that will come with all the basic features of BitStash. Of course, our current generation of products will be the premier line of Bitcoin storage products on the market.
CT: It seems like you tried to cover all the bases with Bitstash, but why should one opt for it in comparison to conventional (and cheaper) ‘cold storage’ methods such as a paper or brain wallet for example?
TM: It’s about security, usability and simplicity. Paper wallets and Trezors work just fine for many early adopters, and many of them will be comfortable using them forever. But the vast number of consumers in the world will not find those approaches palatable. They are too cumbersome, too error prone, too complex.
I remember 2 years back, my youngest daughter happened across a paper wallet of mine in my desk drawer. Delighted by its design she thought she would make something neat for me, and cut it into Angel shape, discarding parts of the private key. Yikes. Luckily it did not hold a lot of Bitcoin!
Brain wallet, somedays I cannot remember my phone number, and certainly for life event planning, thats not a global solution. If Bitcoin is to gain mass consumer adoption, it must be made totally secure, simpler to use and it must fit into people's existing lifestyles.
CT: Thank you Trevor for your time and insight.
BitsStash in use:
Did you enjoy this article? You may also be interested in reading these ones: