3

To store my Bitcoin safely, I have an offline transaction setup. Computer A is online with a copy of the blockchain, and computer B is offline with the private keys. To make a transaction, I craft it on A, transfer it to B via USB, sign it on B, transfer it back to A via USB, and broadcast it on A.

It is possible the USB key gets infected on computer A, and compromises computer B. To mitigate that, I want to use a tiny USB stick (say, 1kB) which can only fit a few small transactions. That way, there's less chance a virus can physically fit on the USB in the first place.

Is using a tiny USB stick a good protection? Is this trick used for other purposes? Where can I buy those tiny "security" sticks (the smallest I could find was 512MB)?

Randomblue
  • Expecting a USB stick to be "too small for a virus" is a pretty far reach. A virus to steal your stuff will be pretty insignificant in size. This security ploy needs a rethink, I'm thinking. – Fiasco Labs Sep 14 '14 at 00:14
  • Why not fill an ordinary USB stick with plain text files that cannot be infected, leaving only a kilobyte? It's highly unlikely that a virus will make room for itself by deleting files. Maybe that leaves the possibility of a boot sector infection, I dunno (does a USB stick have one?) –  Sep 14 '14 at 10:37
  • @JanDoggen Yes, USB sticks can have a boot sector. What makes you think a virus would be unwilling to delete files? – domen Sep 15 '14 at 09:18
  • Or use an old-school K7 tape, the ones used on old Commodore and Amiga computers. I seriously doubt any kind of virus targeting bitcoin will ever have heard of a K7 tape... – ThoriumBR Oct 19 '15 at 17:54

2 Answers

5

Your setup is called an air gap. 512 MB (even 2) is still a lot for a virus payload that only needs to steal a private key. I think what you want is to use QR codes for both parties. If you print the QR codes, be sure to use separate printers, just like with all peripheral devices (even a mouse chip could contain an exploit that got there through your online computer). But you can also display the QR codes on the devices' screens. This would provide a communications channel for viruses, but for that to work the isolated computer would need to get infected, or exploit a vulnerability in the QR code reader application.

user10008
  • The machine that has the bitcoin wallet needs to be connected to the internet. You can give someone a QR code and then expect payment without violating the air gap. – rook Sep 13 '14 at 23:03
  • All the necessary data the wallet machine needs gets to it through the QR codes. Except for the blockchain, Bitcoin is very much like PGP. And the blockchain is only needed to defend from double spend. Double spend is not a threat he wants to defend from with the air gap approach. – user10008 Sep 13 '14 at 23:10
0

Use a partition utility to create a very small partition on the flash drive. Then create a new partition filling the rest of the space with an invalid file system type. That will be unreadable to either system, and won't be mounted, and will make it unlikely that a virus would attempt to use that space, it would be limited to the valid initial, small partition.

Note that this still presents vulnerabilities.

Another option is to make your own USB drive. Using an Atmel AVR processor with USB support, and a lightweight USB library, you can make a mass storage USB device with exactly the amount of space you want. The linked AVR processor has 512KB of flash, most of which would still be available once a simple mass storage device was implemented, so you wouldn't need any external storage for flash drives of 400KB or less.

You can even go further, and make it so the flash drive won't allow writes to the boot block or other sensitive areas. With some clever design I expect you could even sanitize writes to the drive. If it doesn't look like the right data (a key, for instance) then you can hold onto it long enough in RAM that if the OS requests it back to verify it was written, then it'll respond correctly so the OS doesn't realize the data has been rejected, but once unplugged and attached to another device only the most recent valid data is actually stored in non-volatile memory, similar to stealth banning.

You would have to be careful to make sure that the AVR device is write protected, so it couldn't be rewritten by a virus.

Adam Davis
  • A small partition won't stop malware since it will write to the raw block device or will even bypass the data storage aspect of the USB drive completely and overwrite the USB stick controller's firmware to turn it into a malicious USB keyboard that will type in malicious commands (to download the actual malware from the Internet). But +1 for the "make your own drive", just make sure the firmware you make (and the microcontroller) has no way of reprogramming itself via the USB data lines and you should be good. – André Borie Oct 19 '15 at 18:58
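
The write-sanitizing idea from the answer above, sketched as an added example (not code from the answer or from any USB library): a block-level filter that protects the boot block, commits only blocks that look like a hex-encoded transaction, and keeps rejected writes in RAM so a verify-after-write still matches. All names are hypothetical, a plain array stands in for the AVR's flash, and it assumes the host writes the transaction hex straight to a block with no filesystem.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define BLOCK_SIZE 512
#define NUM_BLOCKS 8   /* assumed drive size: 4 KiB */
#define BOOT_LBA   0   /* never writable from the host */

static uint8_t flash[NUM_BLOCKS][BLOCK_SIZE];  /* stands in for non-volatile memory */
static uint8_t shadow[NUM_BLOCKS][BLOCK_SIZE]; /* RAM copies of rejected writes */
static bool shadowed[NUM_BLOCKS];

/* Valid block: an even, non-zero count of hex digits, then zero padding. */
static bool looks_like_hex_tx(const uint8_t *b) {
    size_t i = 0;
    while (i < BLOCK_SIZE && isxdigit(b[i])) i++;
    if (i == 0 || i % 2) return false;
    for (; i < BLOCK_SIZE; i++) if (b[i]) return false;
    return true;
}

/* Host write: always reports success, but only valid data reaches flash. */
int dev_write(uint32_t lba, const uint8_t *b) {
    if (lba >= NUM_BLOCKS) return -1;
    bool ok = lba != BOOT_LBA && looks_like_hex_tx(b);
    memcpy(ok ? flash[lba] : shadow[lba], b, BLOCK_SIZE);
    shadowed[lba] = !ok;
    return 0;
}

/* Host read: serves the RAM copy so a verify-after-write still matches. */
int dev_read(uint32_t lba, uint8_t *out) {
    if (lba >= NUM_BLOCKS) return -1;
    memcpy(out, shadowed[lba] ? shadow[lba] : flash[lba], BLOCK_SIZE);
    return 0;
}

void dev_replug(void) { memset(shadowed, 0, sizeof shadowed); } /* RAM is lost */

/* Returns bit 0: read-back matched before unplug; bit 1: data survived re-plug. */
int try_payload(uint32_t lba, const char *payload) {
    uint8_t in[BLOCK_SIZE] = {0}, out[BLOCK_SIZE] = {0};
    strncpy((char *)in, payload, BLOCK_SIZE);
    dev_write(lba, in);
    dev_read(lba, out);
    int r = memcmp(in, out, BLOCK_SIZE) == 0;
    dev_replug();
    dev_read(lba, out);
    return r | ((memcmp(in, out, BLOCK_SIZE) == 0) << 1);
}
```

As the comment above notes, a filter like this only constrains the storage path; it does nothing if the microcontroller's own firmware can be rewritten over USB.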