1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <brian.erdelyi@gmail.com>) id 1YHgKg-0001JB-R1
for bitcoin-development@lists.sourceforge.net;
Sat, 31 Jan 2015 22:16:02 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.216.43 as permitted sender)
client-ip=209.85.216.43; envelope-from=brian.erdelyi@gmail.com;
helo=mail-qa0-f43.google.com;
Received: from mail-qa0-f43.google.com ([209.85.216.43])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1YHgKf-0007hO-KK
for bitcoin-development@lists.sourceforge.net;
Sat, 31 Jan 2015 22:16:02 +0000
Received: by mail-qa0-f43.google.com with SMTP id v10so24664657qac.2
for <bitcoin-development@lists.sourceforge.net>;
Sat, 31 Jan 2015 14:15:56 -0800 (PST)
X-Received: by 10.229.19.3 with SMTP id y3mr26681464qca.1.1422742556121;
Sat, 31 Jan 2015 14:15:56 -0800 (PST)
Received: from [192.168.1.58] ([64.147.83.112])
by mx.google.com with ESMTPSA id g7sm2851351qag.26.2015.01.31.14.15.55
for <bitcoin-development@lists.sourceforge.net>
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Sat, 31 Jan 2015 14:15:55 -0800 (PST)
From: Brian Erdelyi <brian.erdelyi@gmail.com>
X-Pgp-Agent: GPGMail 2.5b4
Content-Type: multipart/signed;
boundary="Apple-Mail=_C54F50CA-8B96-4AEA-951B-713510857F83";
protocol="application/pgp-signature"; micalg=pgp-sha512
Date: Sat, 31 Jan 2015 18:15:53 -0400
Message-Id: <27395C55-CF59-4E65-83CA-73F903272C5F@gmail.com>
To: bitcoin-development@lists.sourceforge.net
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
X-Mailer: Apple Mail (2.2070.6)
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(brian.erdelyi[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YHgKf-0007hO-KK
Subject: [Bitcoin-development] Proposal to address Bitcoin malware
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 31 Jan 2015 22:16:02 -0000
--Apple-Mail=_C54F50CA-8B96-4AEA-951B-713510857F83
Content-Type: multipart/alternative;
boundary="Apple-Mail=_8D6BCAAD-07BE-4D6B-8E28-5FDE3C76084F"
--Apple-Mail=_8D6BCAAD-07BE-4D6B-8E28-5FDE3C76084F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
Hello all,
The number of incidents involving malware targeting bitcoin users =
continues to rise. One category of virus I find particularly nasty is =
when the bitcoin address you are trying to send money to is modified =
before the transaction is signed and recorded in the block chain. This =
behaviour allows the malware to evade two-factor authentication by =
becoming active only when the bitcoin address is entered. This is very =
similar to how man-in-the-browser malware attack online banking =
websites.
Out of band transaction verification/signing is one method used with =
online banking to help protect against this. This can be done in a =
variety of ways with SMS, voice, mobile app or even security tokens. =
This video demonstrates how HSBC uses a security token to verify =
transactions online. https://www.youtube.com/watch?v=3DSh2Iha88agE =
<https://www.youtube.com/watch?v=3DSh2Iha88agE>.
Many Bitcoin wallets and services already use Open Authentication (OATH) =
based one-time passwords (OTP). Is there any interest (or existing =
work) in in the Bitcoin community adopting the OATH Challenge-Response =
Algorithm (OCRA) for verifying transactions?
I know there are other forms of malware, however, I want to get thoughts =
on this approach as it would involve the use of a decimal representation =
of the bitcoin address (depending on particular application). In the =
HSBC example (see YouTube video above), this was the last 8 digits of =
the recipient=E2=80=99s account number. Would it make sense to convert =
a bitcoin address to decimal and then truncate to 8 digits for this =
purpose? I understand that truncating the number in some way only =
increases the likelihood for collisions=E2=80=A6 however, would this =
still be practical or could the malware generate a rogue bitcoin address =
that would produce the same 8 digits of the legitimate bitcoin address?
Brian Erdelyi
--Apple-Mail=_8D6BCAAD-07BE-4D6B-8E28-5FDE3C76084F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=utf-8
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D"">Hello all,<div class=3D""><br class=3D""></div><div =
class=3D"">The number of incidents involving malware targeting bitcoin =
users continues to rise. One category of virus I find particularly =
nasty is when the bitcoin address you are trying to send money to is =
modified before the transaction is signed and recorded in the block =
chain. This behaviour allows the malware to evade two-factor =
authentication by becoming active only when the bitcoin address is =
entered. This is very similar to how man-in-the-browser malware =
attack online banking websites.</div><div class=3D""><br =
class=3D""></div><div class=3D"">Out of band transaction =
verification/signing is one method used with online banking to help =
protect against this. This can be done in a variety of ways with =
SMS, voice, mobile app or even security tokens. This video =
demonstrates how HSBC uses a security token to verify transactions =
online. <a href=3D"https://www.youtube.com/watch?v=3DSh2Iha88agE" =
class=3D"">https://www.youtube.com/watch?v=3DSh2Iha88agE</a>.</div><div =
class=3D""><br class=3D""></div><div class=3D"">Many Bitcoin wallets and =
services already use Open Authentication (OATH) based one-time passwords =
(OTP). Is there any interest (or existing work) in in the Bitcoin =
community adopting the OATH Challenge-Response Algorithm (OCRA) for =
verifying transactions?</div><div class=3D""><br class=3D""></div><div =
class=3D"">I know there are other forms of malware, however, I want to =
get thoughts on this approach as it would involve the use of a decimal =
representation of the bitcoin address (depending on particular =
application). In the HSBC example (see YouTube video above), this =
was the last 8 digits of the recipient=E2=80=99s account number. =
Would it make sense to convert a bitcoin address to decimal and =
then truncate to 8 digits for this purpose? I understand that =
truncating the number in some way only increases the likelihood for =
collisions=E2=80=A6 however, would this still be practical or could the =
malware generate a rogue bitcoin address that would produce the same 8 =
digits of the legitimate bitcoin address?</div><div class=3D""><br =
class=3D""></div><div class=3D"">Brian Erdelyi</div></body></html>=
--Apple-Mail=_8D6BCAAD-07BE-4D6B-8E28-5FDE3C76084F--
--Apple-Mail=_C54F50CA-8B96-4AEA-951B-713510857F83
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJUzVQZAAoJEOU8U1lTQFC+2aoP/0Ku/SKhWe9+/BR9cUohee/V
k9j2n2qRkO9FvLdV7a26jVzn48qmK9S3ThCrAPAT8cUKHZMKemMJsB9WjSgMxTwF
nsrJx61TK5Ks+ACyUOd1U9YBWtCqteDwhHUZDCea9Fq90nY8Cx1nKTDp9BAzVRSh
7ZBXEebOM1yN8dsnt0AfS/FtIigBZqUCHWN1BZ8c800CTcTa9EwUsex6N9f9uM24
YXh4a+fl3g98MQjUriZd2MRswx/qTJpVbc25+vccP+2lcBnqAQ/j2Pj0xCDrCb0B
jmpyghocBsdWMAAtthW4Cm/MLUrDlunBzmFNyzltr/C3xig58zv1UaMgPkXUrjTc
7A1SXliGSTzEhKu6e/rD9O6NEaA2R1I6q6Wi8inyDkcxT8YV0D+kjSaSOF4OtksJ
3iAOvAT5b5vh+LNh1mOhfNF19nVjRIvObjjF+XBu1xAKeXuA5Ub3kVof4IWjmMJG
zXSj7Q0bs1loKRU2KhE09X3IHuJrImtAWAyXsHcu78Q9iAn6QhUSAK19IHVN9ra2
3jW57bjhKV1GcP2Lz5364YE/3sJubfjfUKPslgxVO1eZjqtT8lEBPuMuhyb9Mpjk
h+X9rGWgmlx+FNy7M0Kc/B+5jmaprnBP0Uw+b1sbpfVE7We15u6RN6IK84tFa6CG
XZoVRGKBU6kA7aZ2CCbK
=o89+
-----END PGP SIGNATURE-----
--Apple-Mail=_C54F50CA-8B96-4AEA-951B-713510857F83--
|