Bitcoin Forum>Bitcoin>Bitcoin Discussion
Pages:
Author

Topic: A challenge to the idea that no-one can create a good brainwallet - page 4. (Read 15596 times)

DannyHamilton
legendary
Activity: 3472
Merit: 4801
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 02:09:26 PM
#38
Quote from: CIYAM on December 07, 2014, 02:07:45 PM
Quote from: DannyHamilton on December 07, 2014, 02:06:31 PM
Does this mean that I've found a secure way to store my vehicle?  Certainly my 50 years is longer than your 2 years.
So you are over 50 years old now?

Does my age matter?

The point stands on its own.

There are a significant number of people in the world that leave their vehicle unlocked with the key in the vehicle and that have not had their vehicle stolen.  Does the simple fact that a vehicle hasn't been stolen yet mean that the method of storing it is "secure"?

Quote from: CIYAM on December 07, 2014, 02:07:45 PM
(seriously that is not a good argument)

Honestly, that's a perfect argument.

You are stating that your brainwallet is proven "secure" simply because it hasn't been stolen yet.  Meanwhile many people with brainwallets have had their funds stolen.

I'm pointing out that a method of securing something that results in some losing what they are securing, can't be considered "secure" just because others haven't yet lost what they are securing.
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 02:07:45 PM
#37
Quote from: DannyHamilton on December 07, 2014, 02:06:31 PM
Does this mean that I've found a secure way to store my vehicle?  Certainly my 50 years is longer than your 2 years.

So you are over 50 years old now?

(seriously that is not a good argument)

If my key could have been found easily it would have already been found.
DannyHamilton
legendary
Activity: 3472
Merit: 4801
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 02:06:31 PM
#36
Quote from: CIYAM on December 07, 2014, 01:14:56 PM
@itod - if my brainwallet doesn't have enough entropy then why does it still have 1 BTC?

I am not against hardening one's brainwallet but my point is rather a simple one - if no-one can possibly come up with a secure brainwallet then why do I still have 1 BTC

The fact that something hasn't been stolen yet is not an indication that it is secure.

My vehicles have been parked in my driveway in front of my house for the past 50 years.  The vehicle doors are always unlocked.  The key is always in the glovebox.

I have never yet had a vehicle stolen.

Does this mean that I've found a secure way to store my vehicle?  Certainly my 50 years is longer than your 2 years.

jonald_fyookball
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 02:02:37 PM
#35
Quote from: CIYAM on December 07, 2014, 01:46:42 PM
Quote from: jonald_fyookball on December 07, 2014, 01:45:18 PM
I will say that while I do agree its possible, why not just use a RNG to help choose dictionary words?
If you don't trust computers, dice or cards work great.

The human brain is far more capable than most people seem to give it credit for  


I agree completely...

Not only on the creation of passphrases, but memory too.

Even memorizing a private key isn't THAT hard.  
Its 64 characters, or 32 pairs (E9, B2, etc).

I'm all about erring on the side of caution when
it comes to money but come on, its like people
have become mental midgets.

If I told you you have to memorize 5 private
keys by tomorrow or I'll kill your family, I bet
you would be able to do it.


CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:59:19 PM
#34
A big part of the reason I created this topic was to measure the thinking that others have about brainwallets.

It is correct that most people are not capable of creating good brainwallets but to suggest that no-one can do this is IMO just wrong. If I lose the 1 BTC I've exposed then maybe I'll have to change my thinking - but until then I am saying brainwallets are a great way to store funds for those that have the capability to do so.

And btw - anyone trying to find my key by following the suggestions that I made in this topic won't have a chance to get my 1 BTC.  Grin
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:46:42 PM
#33
Quote from: jonald_fyookball on December 07, 2014, 01:45:18 PM
I will say that while I do agree its possible, why not just use a RNG to help choose dictionary words?
If you don't trust computers, dice or cards work great.

The human brain is far more capable than most people seem to give it credit for - so I give this 1 BTC wallet as an example of that (if I lose that 1 BTC it is not as though it won't be noticed now).

Again I am not against using random methods to help but after seeing the failures of PRNG's before I'd rather trust myself than an OS that might have a buggy PRNG (of course the dice suggestion is a good one).
jonald_fyookball
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:45:18 PM
#32
Quote from: CIYAM on December 07, 2014, 01:37:37 PM
True - if you use a bad passphrase for your brainwallet you'll lose your funds almost instantly.

But the purpose of this topic is not to debate about that but whether or not you can actually protect BTC with a good brainwallet (as nearly every topic I have read on this forum about brainwallets suggests that my 1 BTC should have already been stolen).

So why is my 1 BTC not stolen?


I will say that while I do agree its possible, why not just use a RNG to help choose dictionary words?
If you don't trust computers, dice or cards work great.
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:37:37 PM
#31
True - if you use a bad passphrase for your brainwallet you'll lose your funds almost instantly.

But the purpose of this topic is not to debate about that but whether or not you can actually protect BTC with a good brainwallet (as nearly every topic I have read on this forum about brainwallets suggests that my 1 BTC should have already been stolen).

So why is my 1 BTC not stolen?
itod
legendary
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:33:57 PM
#30
Quote from: CIYAM on December 07, 2014, 01:26:45 PM
Quote from: itod on December 07, 2014, 01:24:44 PM
If you can't remember it, it can not be called a brainwallet. If you can remember it, it has a fraction of the entropy of any PRNG.

And we have seen broken PRNGs lead to the loss of many Bitcoins already.

I personally trust my own brain more than than a PRNG - if you wish to trust a PRNG that is of course your choice.

As I've added in the edit in my post above, PRNGs have their set of issues. There was a single bigger case of lost bitcoins caused by the known bug in Android PRNG, and the number of coins that where lost was < 100 if I remember correctly + the users where reimbursed by Blockchain.info whose wallet was the app that used Android PRNG mentioned above. The number of bitcoins lost to bad brainwallet is at least an order of magnitude (if not two orders of magnitude) bigger then that. Remember also that that bug was corrected once and for all, while bad brainwallets are generated over and over again. As you've said, everyone has a choice what to use.
jonald_fyookball
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:32:00 PM
#29
Quote from: itod on December 07, 2014, 01:24:44 PM
Quote from: jbrnt on December 07, 2014, 01:20:49 PM
I think it is fairly easy to create a brainwallet with enough entropy to protect the coins. It is more challenging to remember the formula with no mistakes a few years from now.

If you can't remember it, it can not be called a brainwallet. If you can remember it, it has a fraction of the entropy of any PRNG.
 

This is absurd.  

1.  Yes, you need LONGER passphrases if they are human generated, but
you can't define the security based on human memory.  My memory
has nothing to do with whether the phrase was generated by
a computer or by a human.

2. IMO, a brain wallet is still a brain wallet if you use it as such
(electrum generated seed for example), regardless of how the
phrase was generated.

3. Some people have very good memories.  Some people
memorize entire books.



CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:30:06 PM
#28
Quote from: confirmation120 on December 07, 2014, 01:26:26 PM
I am not sure this would be long enough. It may be a good start, but I would say you probably need to have additional words at the end of the the above.

The actual length I used for my brainwallet is longer but not much longer (again I will state that this address was created over 2 years ago and has not been hacked).

Am sure there are some now trying to crack my address but that's okay - this is the experiment I am doing.
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:26:45 PM
#27
Quote from: itod on December 07, 2014, 01:24:44 PM
If you can't remember it, it can not be called a brainwallet. If you can remember it, it has a fraction of the entropy of any PRNG.

And we have seen broken PRNGs lead to the loss of many Bitcoins already.

I personally trust my own brain more than than a PRNG - if you wish to trust a PRNG that is of course your choice.
confirmation120
full member
Activity: 224
Merit: 100
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:26:26 PM
#26
Quote from: CIYAM on December 07, 2014, 12:58:33 PM
buzfap01$02%014STK1456cAonImA;)7

Even at this stage my guess is that we are at a level of pretty safe entropy (provided you have not followed my formula but instead created your own).

I am not sure this would be long enough. It may be a good start, but I would say you probably need to have additional words at the end of the the above.

Quote from: itod on December 07, 2014, 01:12:01 PM
Quote from: CIYAM on December 07, 2014, 11:38:51 AM
I don't dispute that creating brainwallets is not for everyone but I *do dispute* the idea that no-one is capable of creating a decent brainwallet.

Brainwallets just don't produce enough entropy for the seed of your private key. It's known fact that there are several groups with GPU farms creating giant rainbow tables for these purposes. It's generally considered that every passphrase that can be Googled is not secure enough for the brainwallet. There's a guy who reported that passphrase created from the entire poem written in some obscure language (Afrikaans) has been bruteforced. For instance, I've took the four words from your sentence above in random order "capable dispute creating everyone" and it returns 0 hits on Google (until I post this, at least). This may be a good brainwallet by your criteria since if I haven't post it it would be probably safe against attackers for a very, very long time, but it has nowhere close enough entropy compared to any decent PRNG. The question is this: If it's inferior from the security standpoint then any address generated by the Bitcoin-QT wallet, why don't you let the Bitcoin-QT generate the address and after that passphrase protect the wallet with the same "capable dispute creating everyone" passphrase, making it infinitely harder for the attacker since he has to hack your machine first + hack the passphrase, instead of only hacking the passphrase?
I think this was somewhat already addressed. It was mentioned that you should not make your passphraise anything that has ever been published, in any language. If you make it truly random and something that has not been published anywhere then you should be okay. As I mentioned above, something the length of only 4 words is probably not long enough.
itod
legendary
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:24:44 PM
#25
Quote from: jbrnt on December 07, 2014, 01:20:49 PM
I think it is fairly easy to create a brainwallet with enough entropy to protect the coins. It is more challenging to remember the formula with no mistakes a few years from now.

If you can't remember it, it can not be called a brainwallet. If you can remember it, it has a fraction of the entropy of any PRNG.

Edit: although PRNG have their own set of problems which is not the topic here. Nevertheless they are the best tool we have.
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:22:27 PM
#24
Quote from: jbrnt on December 07, 2014, 01:20:49 PM
I think it is fairly easy to create a brainwallet with enough entropy to protect the coins. It is more challenging to remember the formula with no mistakes a few years from now.

As stated - I checked the address by remembering my passphrase before I created the topic (so I have managed to remember it now for over 2 years).
jbrnt
hero member
Activity: 672
Merit: 500
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:20:49 PM
#23
I think it is fairly easy to create a brainwallet with enough entropy to protect the coins. It is more challenging to remember the formula with no mistakes a few years from now.
jonald_fyookball
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:19:28 PM
#22
Quote from: itod on December 07, 2014, 01:12:01 PM
Quote from: CIYAM on December 07, 2014, 11:38:51 AM
I don't dispute that creating brainwallets is not for everyone but I *do dispute* the idea that no-one is capable of creating a decent brainwallet.

Brainwallets just don't produce enough entropy for the seed of your private key.

that's the conventional wisdom we are challenging.  there is no reason why this has to be true (even if many people would screw it up).  
itod
legendary
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:18:56 PM
#21
Quote from: CIYAM on December 07, 2014, 01:14:56 PM
@itod - if my brainwallet doesn't have enough entropy then why does it still have 1 BTC?

Because it is "good enough" that rainbow-table-generating guys still haven't cached up with it. The are trying every upper/lower/initial case combination + every spacing combination + 1337-speak combinations of every passphrase their machines can get their hands on. It doesn't mean that sooner or later they will not get you. If you passphrase protect the single instance of the wallet they may try forever, you would be safe.
CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:14:56 PM
#20
@itod - if my brainwallet doesn't have enough entropy then why does it still have 1 BTC?

I am not against hardening one's brainwallet but my point is rather a simple one - if no-one can possibly come up with a secure brainwallet then why do I still have 1 BTC (I should have zero) and this brainwallet has existed for over 2 years (presumably since I've now made this address public the funds should be gone very soon).

So let's see how quickly I lose the 1 BTC (I have published this address as an experiment).
jonald_fyookball
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Re: A challenge to the idea that no-one can create a good brainwallet
December 07, 2014, 01:12:42 PM
#19
Quote from: CIYAM on December 07, 2014, 01:08:33 PM
Quote from: jonald_fyookball on December 07, 2014, 01:07:04 PM
yes there are many techniques that would be possible.  most important thing is have enough components to ensure high entropy.

Not only enough but not to use stupid things like *famous years* or *football teams that won a grand final*, etc.


well even that would not matter if you had 24 different things in there and the order was jumbled but yes it would be better to use 1842 rather than 1776
Pages:
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: