Safer than a bank account? How to protect your cryptocoins
Options to consider if you want better security for your cryptocurrency
In the history of transactions, keeping your funds safe has always been a major concern, which is absolutely understandable — being a little paranoid is fine when it comes to money — it’s hard to live without them, right? Ancient Greeks and Romans kept their treasures in the most important and sacred places they could possibly find — in temples and tombs. Over time, they became not only the places of God worship and keeping the most precious artefacts, but also fully-functional first banks which gave out loans only to the most renowned citizens or the Empire.
In the past century, a new institute of trust emerged — technology. Inspired by science fiction, people started to appropriate new forms of automatization of their everyday activities, such as using simple robot vacuum cleaners or shopping on the Internet without leaving the house. The banking system itself is actively catching up with technology by engaging blockchain solutions into their operations.
However, blockchain has a mind of its own, a modern-day paradigm that establishes its own rules of economy and interactions. Cryptocurrency does not exist in physical form. It is an absolutely ethereal substance that does not even need to be stored per se. It is brought to existence only by your activities on the blockchain. Whenever you make an action on the blockchain, it turns real and postulates your existence on the blockchain as well. Hence, you do not store money — instead you store the keys that grant you access to the coins that exist on the blockchain.
There is no legally binding establishment like banks in the digital world, which both has an upside and downside for the users.
- On the one hand, people do not need to relinquish control over to a third party which has its own regulatory system and high fees.
- On the other hand, people have to rely on their own judgement in choosing a technology to protect their assets.
Private keys are the same as real keys in the sense that each key is unique. With private keys, this is achieved by encrypting them with a cryptographic algorithm and linking to an account (or address — depending on the blockchain type).
Today private keys are mainly managed by different apps and extensions — for generating key pairs, signing valuable operations (such as transactions), and storing them. These services allow you to not only handle your crypto but also store passwords from the cloud storages.
But if we talk blockchain — there are several options for storing private keys.
The most widespread solution is wallets. If a real wallet keeps your money, a cryptowallet keeps your keys. When you transfer money, you are signing off your ownership of the cryptocoins to somebody else’s wallet address. No real exchange of money takes place — the fact of transfer of this ownership is signified by the transaction record on the blockchain, which is irreversible and openly broadcasted. This brings a certain level of trust in the system, but it also means that if private keys are compromised and a fraudulent transaction is made, it is very hard to retrieve the money, leaving crypto users vulnerable to loss and theft and with no legal protection.
Unlike banks that secure their users only with passwords, key management systems add public-private key pairs that are derived from from cryptographic algorithms. Passwords are still often used as on the outer (representation or UI) layer of protection.
Here you can learn more about cryptography
For example, among the usual software that is not connected to cryptocurrencies in any way, Google key management service (KMS) has a keychain feature that allows its users to create and manage cryptographic keys for cloud storage. It employs practically a complete package of cryptographic algorithms, including AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384. These are all interesting and quite reliable ways to encrypt your data.
RSA,one of the first asymmetric algorithms t invented in 1977 and named after its creators computer scientists R.Rivest, A.Shamir and L.Adleman, remains a benchmark in encryption till this day, although it is considered to be relatively slow. Another outstanding solution is AES256 which is used not only on the individual and company levels, but also on the governmental level by many countries.
The majority of cryptocurrency-oriented key management systems use these algorithms to encrypt private keys and sensitive data. If you are thinking about keeping your crypto safe, there are six possible ways of key storage that you should consider.
1. Hot and cold wallets
This option allows you to divide your funds in two portions and keep the smaller one in an online third-party web-device (hot storage) and the larger portion — offline (cold storage). Your account will be hosted on this third-party device.
This reminds a typical online bank, and it is as easy and conventional an experience. Sometimes these wallets provide only web-storage.
Disadvantages
This makes them highly prone to attacks, since you store large amount of coins online.
To tackle this flaw, there are hybrid hosted wallets that only use the web to broadcast transactions to the network, and use the client side for encryption of private keys.
This is perhaps the most convenient and safe type of hosted storage since it gives you the convenience of the interfaces you are used to and the security of cryptographic algorithms.
2. Encrypted wallets
This system relies on passwords to keep the keys safe.
Advantages
The main advantage is that not only are the keys encrypted but — on top of it — they are also protected with the passwords.
Disadvantages
The passwords need to be kept very carefully because if you forget one, your funds will be lost. Recovery of these passwords is almost impossible.
3. Hierarchical wallets
These wallets are designed in a way that lets them deterministically derive the keys from a randomly generated password. The following keys can be derived from them, forming a sort of hierarchy of keys.
Advantages
The hierarchical system distributes your assets according to the levels of keys in the hierarchy. This means that if one key is compromised, only the funds that were locked with it and the keys derived from it will be stolen.
4. Local file storage
Some systems allow their users to keep the keys locally on their computers. This does not imply, however, that the users regularly go into a particular folder and get the necessary key from there. Only the software is allowed access the file with the keys. Oh, by the way, we at Array have a few ideas which we might reveal in the nearest future.
Advantages
Local storage allows to keep practically unlimited number of keys due to their small size.
Disadvantages
However, it can be rather easily compromised by any malware — it is as delicate as any other file on your computer
Not only the malware, but an ordinary physical theft of your computer or mobile device can mean losing your funds.
5. Air-gapped key storage
The keys are stored on a secondary device that is air-gapped, which means that it is physically isolated from other devices by air. This secondary device can generate, sign, and export transaction without being connected to the network.
Advantages
This provides a better safe resistance because the private is not directly on the Internet.
Disadvantages
However, it can actually spawn malware in case it gets infected
6. Offline storage
This option includes storage on USB thumb drives, on pieces of paper, or any other material of your choice. Only recently, Cryptosteel — a piece of steel that keeps the private keys inside — was in circulation. Another curious way is Cryptoart which weaves the private key inside a piece of art.
Advantages
People know very well how to keep physical things safe. We’ve found new places and ways to hide our money for such a long time, that it seems (and perhaps is indeed) the safest method of key storage.
Disadvantages
You will need to go get it from your vault or from under the mattress anytime you need to make a transaction, which is obviously incredibly inconvenient.
Whatever means you choose, it is probably beneficial to be dexterous. So, keep your keys safe and don’t forget to change locations of storage or the keys themselves every now and then!
