A group of PhD students from Princeton University has developed a two-factor protection mechanism for bitcoin wallets. When it is enabled, users need to have both their computer and their mobile phone with them to gain access to funds.

The developers explain the mathematical basis of their invention in a paper published on the university website. Steven Goldfeder, a second-year PhD student and one of the authors of the project, described it in a more accessible form in a blog post.

According to the Princeton researcher, most modern bitcoin wallets aim to create security barriers against hackers on one device, whether a mobile phone, laptop, or server. Many apps use the so-called multisignature method, which requires three or even four passwords to complete one transaction.

Using four passwords on a single device still leaves some room for hackers. The East Coast developers are applying the same “multiple verifications” logic: to complete a transaction securely, users need not two passwords, but two devices, namely a computer and a mobile phone.

To use this technology (provisionally named “threshold signatures”), users need to install special software on both devices. The inventors developed a prototype of the necessary software on the basis of a Multibit wallet. Steven Goldfeder explains how the technology works:

“A user initiates a transaction on the computer, and the computer then begins the threshold signing protocol with the phone. The phone will show the user the transaction details and will only proceed with the transaction with the user’s explicit approval. The computer and phone use QR codes to initially pair and for all subsequent sessions they communicate over the local Wifi network”

Thus, the American inventors have created a two-device system that is supposedly safer than many one-device methods such as multisignatures and multiple passwords.

They are prepared to share their invention with other developers:

“We have released the code for our two-factor implementation, and we welcome community involvement to bring our prototype implementation to production quality as well as to build a reference implementation of our multiparty protocol”

Two-factor authentication is becoming increasingly popular with large web services as a means of increasing security in the wake of several high-profile password leaks. It is provided as an option by, among others, Google, Dropbox, and Apple.