July 24th 2013
Bitcoin applications are not like ordinary applications - they handle real money and as such need to be treated with more security precautions than you would otherwise use.
In order to combat malware all downloads provided by MultiBit are served over HTTPS and are cryptographically signed. This means that they cannot be altered without the alteration being detected.
In many cases simply acquiring the code direct from
multibit.org over HTTPS will be sufficient security but we at MultiBit believe in going the extra mile to ensure that there is no doubt that what you think you have downloaded is exactly what we have published. To that end here is a short technical guide to verifying signatures using GPG.
This article is aimed at people who are comfortable with the command line but have not spent much time working with SHA1, GPG and so on. As usual commands are prefixed with either
$ to show the typical command prompt for Windows or Unix.
The first step on the road to security is access to strong cryptography. We'll start by creating a simple one line text file:
$ echo "Hello world" > example.txt
The above has an expected SHA1 hash of
33ab5639bfd8e7b95eb1d8d0b87781d4ffea4d5d which we will now attempt to verify. Depending on your operating system you'll need to install a few applications in a particular order to establish a solid trust foundation.
Microsoft's File Checksum Integrity Verifier (FCIV) is a command line tool that provides access to SHA1 checksums.
Once installed, you can test it out on your example file as follows
> fciv.exe -sha1 example.txt
You may find that the
example.txt file contains the quotes surrounding the words and is likely stored using Windows line endings (CRLF) rather than Unix (LF). Avoiding this in Windows involves a fair bit of command line trickery so it is easier to simply edit the file manually to strip out the extra information and change the file save format to reach the quoted SHA1. While a hassle, this does prove that the SHA1 operation is correctly detecting the most minute of differences.
OS X ships with an older version of OpenSSL that supports SHA1. You may want to update it, but the standard version is good enough for our purposes.
$ openssl sha1 example.txt
Most Linux distributions ship with the
$ sha1sum example.txt
At this point we have a way of verifying the integrity of anything we download, but we don't have any way to prove authenticity. Anyone could produce a copy of MultiBit containing malicious code with a valid SHA1 and it would pass our rather weak test. We need a cryptographic signature.
This is provided in the GnuPG (GPG) suite of applications that are available for download. You can choose to use their binary installers but remember to verify what you have downloaded using the SHA1 process above.
For example after downloading the GPG Tools installer and clicking on the SHA1 link we can verify the following:
$ openssl sha1 GPGTools-2013.5.20.dmg SHA1(GPGTools-2013.5.20.dmg)= 9f9fea935b3ce90d8d04542a754b8778f82a8b1b
To verify that GPG is installed and working use the following:
The result should look something like this:
gpg (GnuPG/MacGPG2) 2.0.17 libgcrypt 1.4.6 ... more info ...
After you have verified GPG you can then use GPG itself to verify all future GPG updates using the process described next.
On startup MultiBit will check with the main site to verify that it is still the latest released version. If not then it will present a dialog to inform the user and open a browser window to assist the download process.
The typical process is to simply click on the installer package link for your operating system and go through the installation wizard. In this case we're going to actually use the digital signature provided by MultiBit to verify that the download has been signed by the lead developer Jim Burton.
We import Jim's public key (0x79F7C572 ) using the following command:
$ gpg --keyserver pgp.mit.edu --recv-keys 0x79F7C572 gpg: requesting key 79F7C572 from hkp server pgp.mit.edu gpg: key 79F7C572: "Jim Burton (multibit.org developer) <email@example.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1
Each public key has a unique number which has been provided on the main MultiBit website. As more people decide to sign the MultiBit release then more keys will be presented on the site. By importing the key you give GPG the opportunity to check that the key has not been revoked, it also means that you can now send the owner of the key encrypted messages.
We are now ready to verify the MultiBit installer signature. From the download page, click the "Installers and signatures" link beside the latest installer for your operating system.
You will see the raw download page. Use File | "Save As" to download the signature file to the same location as the installer. Just clicking it will show the contents in your browser. Note that a signature file has a
.asc extension (for "armoured ASCII").
You can now issue the verification command. The example below is for a MultiBit HD version 0.1.0 Windows installer.
$ gpg --verify multibit-hd-windows-x64-0.1.0.exe.asc gpg: assuming signed data in `multibit-hd-windows-x64-0.1.0.exe' gpg: Signature made Tue 9 Jun 13:53:45 2015 BST using RSA key ID 23F7FB7B gpg: Good signature from "Jim Burton (multibit.org developer) <firstname.lastname@example.org>"
You may see the following additional information:
gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 299C 423C 672F 47F4 756A 6BA4 C197 2AED 79F7 C572 Subkey fingerprint: 4A71 A836 F572 01B4 D088 7D60 0820 A658 23F7 FB7B
This warning from GPG is to inform you that you don't trust any keys that have signed Jim's key. As more people sign Jim's key eventually you will encounter someone whose key you do trust and that will in turn validate Jim's key in your trust chain. If you want to trust this key immediately you must sign it with your own key. Full information about key signing, and other features of GPG is available here.
The use of cryptographic signatures provides a guarantee that what you think you have downloaded is actually present on your system. Bitcoin applications are not like ordinary applications - they handle real money and as such need to be treated with more security precautions than you would otherwise use. It is always worth learning more about the technology you use and hopefully this article has given you a taste.