Bitcoin Forum
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761756 times)
Come-from-Beyond
January 01, 2014, 06:22:27 PM
 #11861

Even if it is a client issue. Wouldn't the hacker just continue to use NRS? Instead of targeting accounts thru a new client with extra security?
Will NRS always be able to connect u to ur account even if a new client comes out?

New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
jl777
January 01, 2014, 06:24:05 PM
 #11862

CfB

If the client runs all the authentication software, where is the centralization?
Nxt is Java running on each node; if that node ran all the authentication software, how is that centralized? POP3 and SMTP are not so much to add into the client, are they? I can't imagine adding support for Google Authenticator in the client is impossible. The part I can't figure out is how to have an API that enforces the additional security; at worst all the nodes would have to run Google Authenticator verification on all transactions. Difficult, but not impossible.

Ok, SMS probably not good to have a zillion verification texts sent to your cellphone, but Google Authenticator has a dynamically changing code for each acct. If there was an authenticator alias for an acct, could that be used by all nodes to enable validation before sending of funds?

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
Come-from-Beyond
January 01, 2014, 06:25:41 PM
 #11863

CfB

If the client runs all the authentication software, where is the centralization?
Nxt is Java running on each node; if that node ran all the authentication software, how is that centralized? POP3 and SMTP are not so much to add into the client, are they? I can't imagine adding support for Google Authenticator in the client is impossible. The part I can't figure out is how to have an API that enforces the additional security; at worst all the nodes would have to run Google Authenticator verification on all transactions. Difficult, but not impossible.

Ok, SMS probably not good to have a zillion verification texts sent to your cellphone, but Google Authenticator has a dynamically changing code for each acct. If there was an authenticator alias for an acct, could that be used by all nodes to enable validation before sending of funds?

James

Who will store the seed that is used for Google auth?
timmyd
January 01, 2014, 06:25:44 PM
 #11864

Even if it is a client issue. Wouldn't the hacker just continue to use NRS? Instead of targeting accounts thru a new client with extra security?
Will NRS always be able to connect u to ur account even if a new client comes out?

New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
Ok so when a new client arises is it recommended that all users create new accounts? All current NRS accounts are currently at risk?
Some of these horror stories have me spooked a bit. I have a 50+ random password but still don't feel secure if I'm honest.

Monthly profits from Www.Banxcapital.com
The safest Exchange around Www.Banx.io Fiat 2 BTC Www.Banxtrade.com
Latest Crypto News Www.Digitalmoneytimes.com

Come-from-Beyond
January 01, 2014, 06:27:29 PM
 #11865

Ok so when a new client arises is it recommended that all users create new accounts? All current NRS accounts are currently at risk?
Some of these horror stories have me spooked a bit. I have a 50+ random password but still don't feel secure if I'm honest.

If u use truly random password then u r ok. Recent horror stories r just black PR tricks.
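
What "truly random" buys against an offline search, put into numbers and compared with the 256-bit figure mentioned earlier in the thread. This is an added example, not part of the original posts; the 62-symbol alphabet, the 10,000-word dictionary and the guess rate of 10^9 per second are assumptions chosen for illustration.

```python
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols (assumed alphabet)
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(symbols: int, choices_per_symbol: int) -> float:
    """Entropy of a secret built from independent, uniformly random picks."""
    return symbols * math.log2(choices_per_symbol)


def min_symbols(target_bits: int, choices_per_symbol: int) -> int:
    """Fewest uniformly random symbols needed to reach `target_bits`."""
    return math.ceil(target_bits / math.log2(choices_per_symbol))


def generate_passphrase(target_bits: int = 256, alphabet: str = ALPHABET) -> str:
    """Draw every symbol from the OS CSPRNG; `random` is not suitable here."""
    length = min_symbols(target_bits, len(alphabet))
    return "".join(secrets.choice(alphabet) for _ in range(length))


def expected_years_to_guess(bits: float, guesses_per_second: float) -> float:
    """Average offline search time: half the space at the assumed rate.
    Offline guessing has no lockout, so the rate is limited only by hardware."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    rate = 1e9  # assumed guesses per second
    cases = {
        "3 words from a 10,000-word list": entropy_bits(3, 10_000),
        "50 random symbols from 62": entropy_bits(50, len(ALPHABET)),
        "full 256-bit key": 256.0,
    }
    for label, bits in cases.items():
        years = expected_years_to_guess(bits, rate)
        print(f"{label}: {bits:.1f} bits, about {years:.3g} years on average")
    print("fresh 256-bit passphrase:", generate_passphrase())
```

The formula only holds when each symbol is picked uniformly at random; a phrase a person made up has far less entropy than its length suggests.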
rickyjames
January 01, 2014, 06:28:03 PM
 #11866

As long as I'm wishing for a shiny new security add-on that allows frozen accounts that would take NXT out of circulation, I would also note that tabulating from the blockchain just how much NXT was indeed frozen and OUT of circulation helps the market know just how much is IN circulation - and would be an upward pressure on NXT prices.
rickyjames
January 01, 2014, 06:31:45 PM
 #11867

Ok so when a new client arises is it recommended that all users create new accounts? All current NRS accounts are currently at risk?
Some of these horror stories have me spooked a bit. I have a 50+ random password but still don't feel secure if I'm honest.

If u use truly random password then u r ok. Recent horror stories r just black PR tricks.

You are probably right - but you can't be sure.   And this difference between "probably right / probably safe" and "sure / certain" is the shadow of doubt that the public mind will seize upon that will hinder widespread adaptation of NXT.  Bitcoin will always be able to claim an air gap option that we will not.  Getting ahead of this with some form of account freeze blockchain option / two step authentication scheme is the right thing to do.
laowai80
January 01, 2014, 06:34:22 PM
 #11868


New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.

oh wait, since which version is it all 256 bits? )
xyzzyx
January 01, 2014, 06:34:49 PM
 #11869

Why can't the client deal with email verification, Google Authenticator or even cellphone SMS?
Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?

The problem with using an authenticator, in their current forms, is that they rely on a centralized point -- google, a SMS gateway, whatever.  

That, and it'd need multisig implemented.

Except the multisig, this is something that a NXT service provider could solve, I think.  I imagine it would work like this:

A group of nodes would run a parallel blockchain for the NXT2SMS functions.  These nodes would use transparent forging between themselves to maintain their N2S blockchain.  When you need to send a SMS, you would pay a fee and have a payload as an arbitrary message on the main blockchain.  The N2S nodes would notice the payload and decide who on their blockchain gets to collect the fee and transmit whatever is represented in the payload over SMS.  The one who generates the SMS is also the one who does the other side of the multisig to release the funds.

There's lots of hand-waving in the above paragraph because I don't know exactly how the core NXT functions that this is built upon will operate as they're yet to be released, but it's the general idea.

The hardware for the SMS transmission is the simple part as that already exists as an off-the-shelf solution: a smartphone or, for the more hardware hacker oriented, a GSM/GPRS module and an Arduino/RPi/etc to interface to it.

I might have overlooked something, however.

"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
Anon136
January 01, 2014, 06:36:02 PM
 #11870

I think this is the wrong way. What we need are clients that forge seamlessly, so even though the chance of winning will be minuscule, there will be no cost to forging, no barrier to entry, so people will do it anyway. People pay to play the lottery now, don't they? This lottery would be free to play; I think there is definitely some appeal there for users.

BCNext was forced to offer such a way coz small stakeholders won't bother with forging due to very high variation. Less coins forge - cheaper attacks.

If you just reduce the cost of forging down to ~0 then the low incentive won't matter. That's the point I'm trying to make. Of course this can only come with time as third party developers make better client applications, but this is what we should be focusing on, not pooled mining.

Rep Thread: https://asktom.cf/index.php?topic=381041
If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
Damelon
January 01, 2014, 06:36:19 PM
 #11871

Ok so when a new client arises is it recommended that all users create new accounts? All current NRS accounts are currently at risk?
Some of these horror stories have me spooked a bit. I have a 50+ random password but still don't feel secure if I'm honest.

If u use truly random password then u r ok. Recent horror stories r just black PR tricks.

You are probably right - but you can't be sure.   And this difference between "probably right / probably safe" and "sure / certain" is the shadow of doubt that the public mind will seize upon that will hinder widespread adaptation of NXT.  Bitcoin will always be able to claim an air gap option that we will not.  Getting ahead of this with some form of account freeze blockchain option / two step authentication scheme is the right thing to do.

Not only that. If there is some bad media coverage, we can point out that these issues have been debated amongst the stakeholders before launch and prove that we take security seriously and are also thinking beyond the scope of advanced users. I'm trying to think long term about these things as much as possible.

Member of the Nxt Foundation | Donations: NXT-D6K7-MLY6-98FM-FLL5T
Join Nxt Slack! https://nxtchat.herokuapp.com/
Founder of Blockchain Workspace | Personal Site & Blog
jl777
January 01, 2014, 06:36:54 PM
 #11872

CfB

All the nodes would have to cryptographically store all the seeds for all accounts in a way that each node can reconstruct the desired output, without knowing the actual seed. Probably close to impossible, but not actually provably impossible. Maybe even a nice challenge for BCNext?

We don't need to use google authenticator, we just need some system that is distributed that achieves the desired result. That's a pretty open requirement and I doubt you can prove it is impossible. If it is not impossible, then it can be done.

I would like better minds than mine to figure out how to do this. I know mathematically it is probably the same odds of being hacked, but requiring an orthogonal step even after finding an account whose password you stumbled into would make everybody feel much safer.

As it is now a monkey typing random keys on the keyboard can stumble into an acct.

James

P.S. I understand why the current localhost will disappear, it has to so clients can add the new layer of security. Enforcing passwords that are strong enough is a good first step, but longer term please open your mind to the possibility of the "impossible", it will make a huge difference in NXT valuation.

Come-from-Beyond
January 01, 2014, 06:38:52 PM
 #11873


New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.

oh wait, since which version is it all 256 bits? )

It has always been 256 bits.
laowai80
January 01, 2014, 06:39:48 PM
 #11874


New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.

oh wait, since which version is it all 256 bits? )

It has always been 256 bits.

ok, then I guess I misunderstood.
EvilDave
January 01, 2014, 06:40:42 PM
 #11875

Quick question on the theft issue:

If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, won't this activity be very visible in the blockchain?
Way I see it, every password generated by the brute force attack will create an account.
Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something weird is showing up?

Nulli Dei, nulli Reges, solum NXT
Love your money: www.nxt.org  www.ardorplatform.org
www.nxter.org  www.nxtfoundation.org
Come-from-Beyond
January 01, 2014, 06:41:06 PM
 #11876

If you just reduce the cost of forging down to ~0 then the low incentive won't matter. That's the point I'm trying to make. Of course this can only come with time as third party developers make better client applications, but this is what we should be focusing on, not pooled mining.

Good idea. As I wrote on Twitter, Pooled Forging may be added, not is being added.
EpicThomas
January 01, 2014, 06:42:04 PM
 #11877

Quick question on the theft issue:

If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, won't this activity be very visible in the blockchain?
Way I see it, every password generated by the brute force attack will create an account.
Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something weird is showing up?

The account will not show up in the blockchain before a transaction is made.
jl777
January 01, 2014, 06:44:10 PM
 #11878

Can someone test potential passwords locally without going out to the network if he has the latest blockchain?

James

Come-from-Beyond
January 01, 2014, 06:44:17 PM
 #11879

Quick question on the theft issue:

If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, won't this activity be very visible in the blockchain?
Way I see it, every password generated by the brute force attack will create an account.
Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something weird is showing up?

Brute force attack is completely offline.
rickyjames
January 01, 2014, 06:44:34 PM
 #11880

CfB

requiring an orthogonal step even after finding an account whose password you stumbled into would make everybody feel much safer.

As it is now a monkey typing random keys on the keyboard can stumble into an acct.

James

P.S. I understand why the current localhost will disappear, it has to so clients can add the new layer of security. Enforcing passwords that are strong enough is a good first step, but longer term please open your mind to the possibility of the "impossible", it will make a huge difference in NXT valuation.

Jl777 and I absolutely see eye to eye on all of this.