Blockchain Is Only as Secure as Your Private Keys
Mon, 08/27/2018 – 19:48
A properly secured private key is known by the person sending or communicating the Bitcoin and the person receiving or hearing the Bitcoin. Because Bitcoin is not a centralized currency, which is the entire point of cryptocurrency, there is no centralized bank which knows where your money is. It’s all up to you and your private keys.
What are private keys? Numbers!
The digital keys you are sending and receiving are not like those you’d put in the lock of your home. Rather, in the context of Bitcoin, private keys are just numbers. These numbers are called quindecillions, and they are numbers with 48 zeros after the one. To compare, 1 million has six zeroes after the one. This represents an incredible, nearly infinite, number of private keys.
To simplify private keys, which can be very long when written as numbers, Wallet Import Format (WIF) was introduced to make private keys easier to share. WIF keys are shorter, due to how it uses a mix of letters and numbers.
Here are the advantages of using WIF:
- The format is shorter, leading to fewer copying errors.
- It includes a built-in tool for checking errors in codes to catch your mistakes in transposing.
- It is the most common way private keys are represented in Bitcoin transactions.
You will know your private key is in WIF format as the it will always start with 5 on mainnet, or 9 on testnet. If it’s a compressed public key, it will start with L or K on mainnet, or c on testnet.
Knowing the last point is important. Here’s an example private key I made up:
From what we learned above, we know that this private key is in WIF format and that it is a compressed public key from the mainnet. Knowing this will allow us to get our Bitcoin address to complete our transaction. Sound complicated? Don’t worry; software can handle this for you.
Private keys and encryption
Private keys are generated by Wallets to be processed as part of the transaction. To prevent these private keys from being intercepted and processed by hackers, people use encryption when sending and storing them.
You’ll know that you have an encrypted private key as it will look like it is in WIF, but start with a 6. You will then know that you’ll need the password which will unlock the private key, which the sender will have. This encryption is vital as your private keys are only as secure as you make them. There is no centralized authority protecting them for you like a bank.
Knowing a private key allows you to own the Bitcoin
When someone has your private key, they have your Bitcoin. Period. Once someone has your private key they are free to take your Bitcoin and put it in their Wallet. That is why we take such complicated efforts to ensure the proper length of private keys, different formats, and the vital aspect of encryption.
Here are the ways people can steal your Bitcoin private keys:
- During the communication of your private key.This is when hackers intercept your private key while it is being sent across the Internet.
- From storage media on hard drives or thumb drives.Hackers and Bitcoin thieves hack into your storage devices and retrieve your Bitcoin private keys.
The storing and distribution of private keys is of utmost concern to anyone who wants to have Bitcoin. Here are the main ways to protect yourself from the interceptions mentioned in points 1 and 2:
The most basic thing to do is be sure that you’re using a secure network when communicating your private keys. Never use public WiFi as they’re simply untrustworthy. The use of a VPN, which will encrypt your entire connection, is recommended.
For storage, software wallets allow you to encrypt your Bitcoin address files. How well your Bitcoin is protected depends on the quality of your private key and the strength of your chosen password.
Everything in the world of Bitcoin comes down to creating secure private keys, making sure they’re strong and secure while being transported or stored. All it takes is someone knowing a Bitcoin private key to remove money from your wallet, so making secure private key generation and communication is the most important aspect of having and using Bitcoin.
When people think of Bitcoin, they think of currency. To fully understand this digital currency, as opposed to the coin and paper currency we know, we must think of Bitcoin as more than just a currency. It is information communicated over the Internet. These communications are transactions of Bitcoins. What protects these communications from being ‘heard’ by anyone is private keys.
*** This is a Security Bloggers Network syndicated blog from Rss blog authored by Scott Carter. Read the original post at: https://www.venafi.com/blog/blockchain-only-secure-your-private-keys