
Topic: A challenge to the idea that no-one can create a good brainwallet - page 3. (Read 15596 times)

legendary
Activity: 1988
Merit: 1012
Beyond Imagination
Just watched the film "In Time": when people carrying lots of time (the currency of the future, embedded in the body like a brain wallet, but with the balance visible on the arm) walk around, they need to hire some bodyguards.
sr. member
Activity: 342
Merit: 250
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.

Correct.

And the human mind is incapable of useful amounts of entropy.  Anything that any person in the world is capable of thinking, someone else in the world can also think.  We are deterministic creatures that are limited by our minds.

Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.

A brainwallet doesn't have to come entirely out of your own brain's "RNG." There is a lot of info our brain can and does store that is generated externally.

I didn't know that anyone thought a secure (both from hacks and memory loss) brainwallet was impossible. I think that's quite clearly not the case. I personally use a brainwallet that is multiple sentences that don't appear anywhere in print or on the web, including words that don't appear in any dictionary, that has no real meaning to any strangers on the internet and which I can't even fathom forgetting. So GL to anyone who wants to crack that.

Of course there are still many ways one can go wrong when attempting to use a brainwallet, but it's hardly impossible for it to be done well.
legendary
Activity: 1246
Merit: 1011
silver fish kracker utoob the noob with phat boobs.

you can see we're getting into serious entropy already.

I don't see.  How much entropy do you have here?

Very conservatively, that would be about 27 bits of
entropy minimum, since you have 4 words. (silver fish kracker utoob).

The assumption is there would be minimum of 100
words people would choose.  100^4 = 100,000,000
combinations.

As I mentioned, you would need a 24 word passphrase
to generate 160 bits of entropy.

Ok, I thought you were suggesting that you'd built up quite a bit more entropy than this.  While I don't feel you have well-justified* that {a person looks around a room, selects an object, and makes 2 "mental hops"} generates (very conservatively) log_2(100) bits of entropy, I don't doubt that a person conscious of the subtleties of information theory would manage at least this.

(*) The assumption of there being 100 different words is insufficient to justify log_2(100) bits of entropy per word.  One also needs to assume that the person would select from these 100 words uniformly (each word as likely as the next) for this.  In reality, some words are going to be more common than others (maybe following a Pareto distribution?), hurting the entropy, but I expect this will be made up for by a larger dictionary (400 words should easily do it and even this seems a bit conservative to me).
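The per-word entropy arithmetic argued over in this exchange, worked through as an added example that is not part of any post in the thread. It compares the uniform 100-word assumption with a skewed choice over 100 and 400 words; the Zipf distribution with exponent 1 is an assumed stand-in for "some words are more common than others", since the thread does not fix a distribution.

```python
import math

def uniform_probs(n):
    """Every one of n words is equally likely (the thread's 100-word assumption)."""
    return [1.0 / n] * n

def zipf_probs(n, s=1.0):
    """Assumed skew: the k-th most popular word has weight 1/k**s."""
    weights = [1.0 / k ** s for k in range(1, n + 1)]
    total = sum(weights)
    return [w / total for w in weights]

def shannon_bits(probs):
    """Average bits of entropy per word choice."""
    return -sum(p * math.log2(p) for p in probs if p > 0)

def min_entropy_bits(probs):
    """Bits per word against a guesser who always tries the likeliest word first."""
    return -math.log2(max(probs))

def words_needed(bits_per_word, target_bits=160):
    """Smallest word count whose total entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_word)

def compare(cases, lengths=(4, 24)):
    """Return {label: stats} for each word-choice model, assuming independent words."""
    out = {}
    for label, probs in cases.items():
        h = shannon_bits(probs)
        out[label] = {
            "shannon": h,
            "min_entropy": min_entropy_bits(probs),
            "phrase_bits": {n: n * h for n in lengths},
            "words_for_160": words_needed(h),
        }
    return out

# Constructed models; only the 100- and 400-word sizes come from the thread.
CASES = {
    "uniform, 100 words": uniform_probs(100),
    "zipf s=1, 100 words": zipf_probs(100),
    "zipf s=1, 400 words": zipf_probs(400),
}

if __name__ == "__main__":
    for label, r in compare(CASES).items():
        print(f"{label:20s} {r['shannon']:.2f} bits/word, min-entropy {r['min_entropy']:.2f}, "
              f"4 words {r['phrase_bits'][4]:.1f}, 24 words {r['phrase_bits'][24]:.1f}, "
              f"words for 160 bits: {r['words_for_160']}")
```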
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?

A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised.

Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this.  You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039).

Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key.  However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.

silver fish kracker utoob the noob with phat boobs.

you can see we're getting into serious entropy already.

I don't see.  How much entropy do you have here?

Very conservatively, that would be about 27 bits of
entropy minimum, since you have 4 words. (silver fish kracker utoob).

The assumption is there would be minimum of 100
words people would choose.  100^4 = 100,000,000
combinations.

As I mentioned, you would need a 24 word passphrase
to generate 160 bits of entropy.

I disagree with your assumption. There are roughly 1 million words in the English dictionary. Once a potential attacker knew that a passphrase was going to be exactly 4 English words, then the number of potential combinations would be 1,000,000^4 which is 1 * 10^24. While this may sound like a lot, you need to understand that testing one combination would generally take the same amount of computing power to make one "hash". You also need to understand that "mining" brain wallet addresses is not the same as mining Bitcoin blocks as once you check an address, you will forever know what the private key is to an associated public address.

Woah, you are missing the context here.

The passphrase isn't supposed to be 4 words.  It's supposed to be 24 words.  I only gave 4
in a prior post to demonstrate how to get random words.   Teukon asked how much entropy
those 4 words would have.
 
You can't go off a million words in the dictionary.  You go off 100 words
(an exaggeratedly SMALL number) to be on the safe side.  If brainwallet
skeptics say that "oh everyone has the same thoughts", well, assume
people would choose the same 100 words over and over and go with that.
So, the formula then becomes 100^24 = 160 bits of entropy.





sr. member
Activity: 350
Merit: 250
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?

A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised.

Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this.  You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039).

Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key.  However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.

silver fish kracker utoob the noob with phat boobs.

you can see we're getting into serious entropy already.

I don't see.  How much entropy do you have here?

Very conservatively, that would be about 27 bits of
entropy minimum, since you have 4 words. (silver fish kracker utoob).

The assumption is there would be minimum of 100
words people would choose.  100^4 = 100,000,000
combinations.

As I mentioned, you would need a 24 word passphrase
to generate 160 bits of entropy.

I disagree with your assumption. There are roughly 1 million words in the English dictionary. Once a potential attacker knew that a passphrase was going to be exactly 4 English words, then the number of potential combinations would be 1,000,000^4 which is 1 * 10^24. While this may sound like a lot, you need to understand that testing one combination would generally take the same amount of computing power to make one "hash". You also need to understand that "mining" brain wallet addresses is not the same as mining Bitcoin blocks as once you check an address, you will forever know what the private key is to an associated public address.
legendary
Activity: 1232
Merit: 1001
mining is so 2012-2013
I bet nobody gets your Bitcoin.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?

A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised.

Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this.  You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039).

Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key.  However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.

silver fish kracker utoob the noob with phat boobs.

you can see we're getting into serious entropy already.

I don't see.  How much entropy do you have here?

Very conservatively, that would be about 27 bits of
entropy minimum, since you have 4 words. (silver fish kracker utoob).

The assumption is there would be minimum of 100
words people would choose.  100^4 = 100,000,000
combinations.

As I mentioned, you would need a 24 word passphrase
to generate 160 bits of entropy.
legendary
Activity: 1246
Merit: 1011
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?

A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised.

Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this.  You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039).

Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key.  However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.

silver fish kracker utoob the noob with phat boobs.

you can see we're getting into serious entropy already.

I don't see.  How much entropy do you have here?
sr. member
Activity: 350
Merit: 250
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.

Well - if no-one can empty my address then how would you explain that?

(luck?)

There is a difference between "nobody can empty my address" and "nobody has emptied my address".

Just like there is a difference between "nobody can steal my car" and "nobody has stolen my car".

You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.
The thing is that in order to steal a car, you need to be physically present, while you do not even need to be connected to the internet to crack a brain wallet (you only need a 'somewhat' up to date version of the blockchain).

The level of entropy that a brain wallet will use is not enough to keep it secure over the long term. This is especially true as ASICs are being made for scrypt based altcoins, which means that it will eventually be more profitable to re-purpose GPUs to attempt to mine brain wallets (which means more effort will be put into finding a brain wallet). I think that brain wallets may be secure for short term storage under certain circumstances (for example if you are crossing the border and/or going to be going to jail for a short time).

I also think the fact that no one has stolen your 1 BTC means that no one has found the private key. It is a known fact that some people "test" their brain wallet with small amounts of bitcoin to see if the money is quickly stolen and if so don't put what they "really" intended to put in it, and as a result people who are farming brain wallets will not always take the balance from a brain wallet just because there is a balance in it
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.

Correct.

And the human mind is incapable of useful amounts of entropy.
 

This is definitely debatable, and I would personally disagree with this statement.
I've already given a method that demonstrates how you can generate high entropy.


Quote
Anything that any person in the world is capable of thinking, someone else in the world can also think.  We are deterministic creatures that are limited by our minds.

While both of these statements are somewhat true, neither precludes generation of entropy, and you're ignoring
several important facts.  Namely, that there is a large number of distinct words/thoughts/things
that exist...and while our thoughts may ultimately be deterministic, there is no meaningful way
to predict them.  Furthermore, we all have unique experiences, memories, and brains, so we will
come up with different thoughts.  Even our own selves will come up with different thought patterns
on different days and there is no way to predict them.  Combine that with enough components
to a brain wallet phrase, and high entropy is possible.


 
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.

You are really *reaching with this* - so you think that someone has worked out my private key and not taken the funds.

Then I'd ask that person to sign a message showing that they have the private key otherwise your post is rather ridiculous.
legendary
Activity: 3472
Merit: 4801
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.

Well - if no-one can empty my address then how would you explain that?

(luck?)

There is a difference between "nobody can empty my address" and "nobody has emptied my address".

Just like there is a difference between "nobody can steal my car" and "nobody has stolen my car".

You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.

Well - if no-one can empty my address then how would you explain that?

(luck?)
legendary
Activity: 3472
Merit: 4801
Therefore, it must be completely secure from anyone ever stealing it.
Sure - let's just get back to the address I mentioned and the funds - not some imaginary situation.

Just making a very obvious point about the flaw in your reasoning.
legendary
Activity: 3472
Merit: 4801
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.

Correct.

And the human mind is incapable of useful amounts of entropy.  Anything that any person in the world is capable of thinking, someone else in the world can also think.  We are deterministic creatures that are limited by our minds.

Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Therefore, it must be completely secure from anyone ever stealing it.

Sure - let's just get back to the address I mentioned and the funds - not some imaginary situation.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
My point is that you can't assume, just because nobody has written the correct software to crack your brainwallet, that nobody ever will.  You also can't assume that nobody in the entire world will ever attempt to store their bitcoins using the exact same method as you (completely by coincidence) and stumble upon your bitcoins.

No one is assuming anything other than that.

This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.
legendary
Activity: 3472
Merit: 4801
Again there is still 1 BTC there.

Steal it (oh yes - I forgot - you can't).

There is a vehicle in Alaska right now that is unlocked with the keys in the ignition.

Go ahead, steal it.

Oh yes, I forgot, you can't.

Therefore, it must be completely secure from anyone ever stealing it.
legendary
Activity: 3472
Merit: 4801
@Danny - there are people running software 24x7 to hack weak passwords - you know this.

So why pretend that you don't?

There are also people stealing vehicles 24x7.

My point is that you can't assume, just because nobody has written the correct software to crack your brainwallet, that nobody ever will.  You also can't assume that nobody in the entire world will ever attempt to store their bitcoins using the exact same method as you (completely by coincidence) and stumble upon your bitcoins.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
@Danny - there are people running software 24x7 to hack weak passwords - you know this.

So why pretend that you don't?

Again there is still 1 BTC there.

Steal it (oh yes - I forgot - you can't).