2. Blockchain Workspace www.blockchainworkspace.com 2
Not today…
• No centralised key management solutions
• No wallet client software
• No mobile and no hosted applications
• No public key management
• No additional legal stuff
• No to/fro exchanges
• No timers
• No biometry
Main message to go and install: routine.
‘Basic good security practices are now part of my routine without even noticing. Like putting on a seatbelt after getting into a vehicle, it’s
just something I do.’
The real question is: How much have you improved your overall security? And enjoy every single step of learning every day and get more
and more secure.
No centralised key management solutions -> use a bank if you want to deliver your wallet to someone
No client software; it is about data today
No mobile and no hosted ‘MyEtherWallet’ / Copay applications / solutions
No public key management -> to verify a signature, to encrypt a message for somebody
No additional legal stuff
No to/fro exchanges -> strong passwords, the value is not yours if you do not control the keys
No Timers and no Biometry
3. Blockchain Workspace www.blockchainworkspace.com 3
HOOOWWW????!!!!!!
As soon as some significant value is involved, how do you manage your keys?…
• Plan upfront, put it in writing
• You know what you are doing
• If not: you study first (technique + experiences), you practise with small amounts. So you know what you are
doing
• Have your strong passwords generated and managed
• Create, backup, use hierarchical keys (from seeds)
• Use 2F, maybe even 3F
• Apply the 3-2-1 rule
• Share Secrets among your loved ones
• Check the controlling power of the keys (safely, small amounts)
• Routine: Regularly go through all the steps and key stores
• Many thanks to: Pamela Morgan of Third Key Solutions for her freely available work (CC by SA)
4. Blockchain Workspace www.blockchainworkspace.com 4
Crypto Currencies’ foundational innovation
Repeat of essence of the introduction
Encryption {key}
Timestamping and consensus {stamp}
Verification {check}
But you will always need the original digital data.
5. Blockchain Workspace www.blockchainworkspace.com 5
Wrap up introduction key management
• Wallet (data) = keychain
• bitcoin = Unspent Transaction Output (UTXO)
• Decentralised, open, open source, etc
• A public key is your virtual identity
• Personal private key management is key to future (personal note)
no coins x4
7. Blockchain Workspace www.blockchainworkspace.com 7
"Why you have to carefully
manage your keys. And why you
won’t"
Henk van Cann 2017 :)
How to adapt, how to learn, how to stay ‘alive’, MORE CONFIDENT, more at ease, with less blood rushing through your head and fewer near heart failures
because you think the money is not under your control anymore…
8. Blockchain Workspace www.blockchainworkspace.com 8
Pamela Morgan quotes
• ‘my failure to implement good security wasn’t totally my fault; it was a
combination of misunderstanding the risks, overestimating the effort it takes
to implement’
• ‘I had heard about people getting hacked. But it was always other people’
• ‘the risk wasn’t real enough for me to do anything about it’
• ‘the real danger is that when your credentials are stolen your life can be
disrupted in a major way’
• ‘Maybe you’re like I used to be: simply unsure of what to do — so you do
nothing’
• LINK TO ARTICLE
9. Blockchain Workspace www.blockchainworkspace.com 9
Pamela Morgan quotes
• ‘Basic good security practices are now part of my routine without even
noticing. Like putting on a seatbelt after getting into a vehicle, it’s just
something I do.’
• LINK TO ARTICLE
10. Blockchain Workspace www.blockchainworkspace.com 10
WHAT do the most relevant crypto keys LOOK LIKE?
• Strong passwords
• Seeds 12 words, 24 words, 25 words
• Hex strings
• QR codes
2kWqP2AKQqVaiv]Pykk;
(we focus on control and private keys)
Strong passwords first : generated from and stored in a Password Manager.
11. Blockchain Workspace www.blockchainworkspace.com 11
Password strengths in general
Source: https://xkcd.com/936/ ; CC by SA
Choose generated passwords - At least 24 characters with symbols, characters and digits
13. Blockchain Workspace www.blockchainworkspace.com 13
HOW / WHERE to find the most relevant keys?
• Brain
• Paper
• Web
• Mobile
• Desktop
• Hardware
• Single
• Hierarchical Deterministic
• Multi signature
Where are they?
(we focus on control and private keys)
Web -> decentralised password managers
No multi signature for now, interesting though: Web software combined with coldstores.
The bold-faced elements are the ones I would use to set up my key management to start with, with one exception to the rule: truly
decentralised password managers on the web.
14. Blockchain Workspace www.blockchainworkspace.com 14
Functional approach to How To manage keys
HOW DO YOU USE THEM, A KIND OF ‘LIFECYCLE’
• Create a set of virtual identities for yourself
• Backup your identities
• Use keys to update wallet software
• Use keys to transact
• Use keys to sign
• Use keys to encrypt
• Use keys to arrange your inheritance
transact is perhaps the most well known function
estate planning
15. Blockchain Workspace www.blockchainworkspace.com 15
DON’TS of crypto key management
As soon as some significant value is involved, use as little as possible…
• weak passwords
• hot wallets in any form
• brain wallets solo
• unmanaged passwords
• self invented seeds
• online computers to generate/print single paper wallets
Web, mobile, etc.
Solo -> without anybody knowing it
Not 100% sure, but also do not:
- follow a step-by-step guide, created by yourself or an external source, because it introduces new vulnerabilities
- use a mobile phone as a security factor
16. Blockchain Workspace www.blockchainworkspace.com 16
DO’s of crypto key management
Techniques, routines I recommend to test whether it works for you…
• managed strong passwords
• Choose Wallet: Create, backup, use hierarchical keys (from seeds)
• 2FA
• 3FA (Challenge Response Authentication)
• generated seeds
• spread over copies
• spread over media
• spread over geo-locations
• split over controlling people
• Paper wallets
• Cold stores
• Managed brain wallets
IAM Authentication: something you have, you are and you know
HOW??!! you ask someone else the details
Good question, because you obviously want to learn, but…
What if the expert is not trustworthy?
A managed brain wallet is something your loved ones can remember when you are not there anymore: a shared secret, indirectly put in
writing. Example: all family members remember that their lovely but long deceased dog jumped into a basin back in 1994 and
pulled out a puppet that looked like Elvis, which was funny. So you might write down ‘Pepper swim 1994’, but only a subset of your
loved ones know the seed that is meant by that, which is ‘Dog jump basin Elvis out’.
Never mention the sentence itself ever again, repeat it to each other only once a year, and always refer to ‘Pepper swim 1994’ when
mentioning the passphrase. Just an example of course.
17. Blockchain Workspace www.blockchainworkspace.com 17
HOW TO manage Paper Wallets
• Google your software
• Checksum check
• Run offline
• Print offline
• 3-2-1 rule
• Seal envelopes
• Store, dry, safe and recoverable
• If you use it, then always transfer the total amount from the paper wallet to
elsewhere
At least 3 copies on 2 different types of media in at least 1 other geo-location
18. Blockchain Workspace www.blockchainworkspace.com 18
HOOOWWW????!!!!!!
As soon as some significant value is involved, how do you manage your keys?…
• Plan upfront, put it in writing
• You know what you are doing
• If not: you study first (technique + experiences), you practise with small amounts. So you know what you are
doing
• Have your strong passwords generated and managed
• Create, backup, use hierarchical deterministic keys (from seeds)
• Use 2F, maybe even 3F
• Apply the 3-2-1 rule
• Share Secrets among your loved ones
• Check the controlling power of the keys (safely, small amounts)
• Routine: Regularly go through all the steps and key stores
• Many thanks to: Pamela Morgan of Third Key Solutions for her freely available work (CC by SA)
19. Blockchain Workspace www.blockchainworkspace.com 19
Still want to know HOW TO manage the keys?
"Introduce your weekly Key
Management Afternoon, it should be
family quality time, and get going"
The real question is: How much have you improved your overall security? And enjoy every single step of learning every day and get more
and more secure.
20. Blockchain Workspace www.blockchainworkspace.com 20
BIP39 and BIP44
• Seed generation, easy to remember
• Multiple cryptos behind one master seed/key
• more BIPs related to keys… have a look!
BIP = Bitcoin Improvement Proposal
BIP39 https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
This BIP describes the implementation of a mnemonic code or mnemonic sentence -- a group of easy to remember words -- for the
generation of deterministic wallets.
It consists of two parts: generating the mnemonic, and converting it into a binary seed. This seed can be later used to generate
deterministic wallets using BIP-0032 or similar methods.
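The two parts of BIP39 described above, as an added Python example that is not part of the original slides: entropy is turned into 11-bit word indices with a SHA-256 checksum (and checked again when a backup is read back), and the mnemonic sentence is stretched into a 64-byte seed with PBKDF2-HMAC-SHA512. Mapping indices to words needs the 2048-word list published with the BIP, which is not embedded here; the function names and the all-zero sample entropy are assumptions made for illustration.

```python
import hashlib
import unicodedata

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Part 1: entropy -> 11-bit wordlist indices (entropy bits + checksum bits)."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in steps of 32 bits")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # 4 checksum bits for 12 words, 8 for 24 words
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def indices_to_entropy(indices: list[int]) -> bytes:
    """Backup check: recover the entropy and reject a mistyped or reordered word."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24):
        raise ValueError("a mnemonic has 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < 2048 for i in indices):
        raise ValueError("index outside the 2048-word list")
    cs_bits = n_words // 3
    combined = 0
    for i in indices:
        combined = (combined << 11) | i
    entropy = (combined >> cs_bits).to_bytes((n_words * 11 - cs_bits) // 8, "big")
    if entropy_to_indices(entropy) != list(indices):
        raise ValueError("checksum mismatch: the words do not form a valid mnemonic")
    return entropy

def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Part 2: mnemonic sentence (+ optional passphrase) -> 64-byte binary seed."""
    def nfkd(text: str) -> str:
        return unicodedata.normalize("NFKD", text)
    salt = ("mnemonic" + nfkd(passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic).encode("utf-8"), salt, 2048, 64)

# Constructed sample: 128 bits of zeros. Never use predictable entropy for real keys.
SAMPLE_ENTROPY = bytes(16)
# Indices 0 and 3 are "abandon" and "about" in the English wordlist.
SAMPLE_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

if __name__ == "__main__":
    print(entropy_to_indices(SAMPLE_ENTROPY))
    print(mnemonic_to_seed(SAMPLE_MNEMONIC, "TREZOR").hex())
```

The seed depends on the passphrase as well as the words, so a backup of the words alone does not restore a wallet that was created with a passphrase.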
BIP44 https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
This BIP defines a logical hierarchy for deterministic wallets based on an algorithm described in BIP-0032 (BIP32 from now on) and
purpose scheme described in BIP-0043 (BIP43 from now on).
This BIP is a particular application of BIP43.