Two-Factor Authentication for the Bitcoin Protocol

  • Christopher Mann
  • Daniel Loebenberger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9331)


We show how to realize two-factor authentication for a Bitcoin wallet. To do so, we explain how to employ an ECDSA adaptation of the two-party signature protocol by MacKenzie and Reiter (2004) in the context of Bitcoin and present a prototype implementation of a Bitcoin wallet that offers both two-factor authentication and verification over a separate channel. Since we use a smartphone as the second authentication factor, our solution can be used with hardware already available to most users, and the user experience is quite similar to that of existing online banking authentication methods.


  • Signature Scheme
  • Commitment Scheme
  • Cipher Text
  • Online Banking
  • Threshold Signature Scheme

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



We would like to thank Michael Nüsken for various useful comments and Mike Hearn for greatly improving the performance of a first version of the prototype by suggesting a Bouncy Castle version with optimized arithmetic on the curve secp256k1. This work was funded by the B-IT foundation and the state of North Rhine-Westphalia.


  1. Accredited Standards Committee X9: ANSI X9.62, public key cryptography for the financial services industry: the elliptic curve digital signature standard (ECDSA). Technical report, American National Standards Institute, American Bankers Association (2005).
  2. ANSSI: Mécanismes cryptographiques - Règles et recommandations concernant le choix et le dimensionnement des mécanismes cryptographiques, Rev. 2.03. Agence nationale de la sécurité des systèmes d'information (2014).
  3. Back, A.: Hashcash - a denial of service counter-measure. Technical report (2002).
  4. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: NIST Special Publication 800–57 - Recommendation for Key Management - Part 1: General (Revision 3). National Institute of Standards and Technology (2012).
  5. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: STOC 1988: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 1–10. ACM, New York (1988). ISBN 0-89791-264-0.
  6. Bitpay Inc.: Copay: A secure Bitcoin wallet for friends and companies (2014).
  7. Blum, M., Feldman, P., Micali, S.: Proving security against chosen cyphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256–268. Springer, Heidelberg (1990).
  8. Certicom Research: SEC 2: recommended elliptic curve domain parameters. Technical report, Certicom Corporation (2000).
  9. Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990).
  10. Damgård, I.B., Fujisaki, E.: A statistically-hiding integer commitment scheme based on groups with hidden order. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 125–142. Springer, Heidelberg (2002).
  11. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997).
  12. von zur Gathen, J., Shparlinski, I.: Generating safe primes. J. Math. Cryptol. 7(4), 333–365 (2013). ISSN 1862–2984 (Online), 1862–2976 (Print).
  13. Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust threshold DSS signatures. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 354–371. Springer, Heidelberg (1996).
  14. Goldfeder, S., Bonneau, J., Felten, E.W., Kroll, J.A., Narayanan, A.: Securing Bitcoin wallets via threshold signatures (2014). Preprint
  15. Goldfeder, S., Gennaro, R., Kalodner, H., Bonneau, J., Kroll, J.A., Felten, E.W., Narayanan, A.: Securing Bitcoin wallets via a new DSA/ECDSA threshold signature scheme (2015). Preprint
  16. Harn, L.: Group-oriented \((t, n)\) threshold digital signature scheme and digital multisignature. IEE Proc. Comput. Digital Techniques 141(5), 307–313 (1994).
  17. Hearn, M.: Update on mobile 2-factor wallets (2014). Bitcoin Mailing list at,
  18. Ibrahim, M.H., Ali, I.A., Ibrahim, I.I., El-sawi, A.H.: A robust threshold elliptic curve digital signature providing a new verifiable secret sharing scheme. In: MWCAS03, vol. 1, pp. 276–280. IEEE Computer Society, Cairo (2003). ISBN 0-7803-8294-3, ISSN 1548-3746.
  19. Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. Sov. Phys. Doklady 7(7), 595–596 (1963). Translated from Doklady Akademii Nauk SSSR, vol. 145, No. 2, pp. 293–294, July 1962.
  20. Kim, S.H., Han, D., Lee, D.H.: Predictability of Android OpenSSL’s pseudo random number generator. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 659–668. ACM, New York (2013). ISBN: 978-1-4503-2477-9.
  21. Langford, S.K.: Threshold DSS signatures without a trusted party. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 397–409. Springer, Heidelberg (1995).
  22. Lipovsky, R.: New Hesperbot targets: Germany and Australia (2013).
  23. MacKenzie, P., Reiter, M.K.: Two-party generation of DSA signatures. Int. J. Inf. Secur. 2(3–4), 218–239 (2004).
  24. Mann, C.: A prototypic implementation of a two-factor Bitcoin wallet: Source code. GitHub (2014).
  25. Mann, C.: Two-factor authentication for the Bitcoin protocol. Master thesis, Mathematisch-Naturwissenschaftliche Fakultät der Rheinischen Friedrich-Wilhelms-Universität Bonn (2015).
  26. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System. Cryptography Mailing list at, 9 pages (2008).
  27. NIST: Federal Information Processing Standards Publication 180–4 - Secure Hash Standard. National Institute of Standards and Technology (2012).
  28. NIST: FIPS 186-4: digital signature standard (DSS). Technical report, Information Technology Laboratory, National Institute of Standards and Technology (2013).
  29. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999).
  30. Sancho, D., Hacquebord, F., Link, R.: Finding holes operation emmental. Technical report, Trend Micro Incorporated (2014).
  31. Schönhage, A., Strassen, V.: Schnelle Multiplikation großer Zahlen. Computing 7, 281–292 (1971).
  32. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979).
  33. Wang, C.-H., Hwang, T.: (t+1, n) threshold and generalized DSS signatures without a trusted party. In: Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC 1997), pp. 221–226. IEEE (1997). ISBN: 0-8186-8274-4.
  34. Wiener, M.J.: Safe prime generation with a combined sieve. Cryptology ePrint Archive 2003/186 (2003).
  35. Wuille, P.: Dealing with malleability. Technical report, Bitcoin Project (2014).

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. B-IT, University of Bonn, Bonn, Germany
