Authentication using HTTPS client certificates

Posted on July 22, 2017

We hear a lot about how passwords are insecure, and should not be used alone for authentication. They are hard to remember, so users are tempted to come up with weak passwords, and reuse them across multiple websites. Even if the password is strong, it’s still just a short string the users know.

There are numerous ways to mitigate this, such as HMAC-based or time-based one-time passwords or, more recently, universal 2nd-factor hardware tokens. They are all based on something the user has, rather than something they know. What they have is a secret key, which they can use to generate a password or sign messages.

What seems to be forgotten in the consumer world is that every browser has had a feature built-in since TLS was introduced, called mutual authentication, which allows the user to present a certificate as well as the server. This means the user can authenticate with something they have and – if the certificate is protected by a passphrase – something they know.

In this post, we implement a simple Node.js example which uses client certificates to authenticate the user.

Working with Bitcoin HD wallets II: Deriving public keys

Posted on January 16, 2017

This post is the continuation of my previous one about key derivation.

So we already know how to create a huge number of wallets using a recovery seed or an extended private key, the well-known derivation method described in BIP32 and the derivation paths of BIP44.

However, generating keys based on the private key puts limits on the possible use cases. The private key allows spending the coins sent to its own or its descendants’ addresses, so it must be kept secret. That implies that you have to fully trust the code and the runtime you use to generate your addresses.

There’s a way to generate addresses in an untrusted environment though: using extended public keys.

Working with Bitcoin HD wallets: Key derivation

Posted on November 16, 2016

If you are using Bitcoin regularly, you may have noticed that modern wallets let you create multiple accounts with the same recovery seed and they create a new address each time you create a payment request. This is important for privacy reasons (if you were reusing the same address, your balance and your transaction history would be publicly visible on the blockchain).

Key derivation has much more exciting applications though. You can have a cold wallet stored securely, and derive all your hot wallets from it. If a hot wallet is compromised or lost, the rest of your wallets stay safe, and you can restore the funds from the lost wallet using the cold wallet. Or imagine a large organisation, where there is a top-level wallet managed by the CFO, each department has its budget in its own sub-wallet, with further sub-wallets for different spending categories, and so on.