A Secure and Redundant Savings Wallet Concept, Hopefully

ThiagoCMC

legendary

Activity: 1204

Merit: 1000

฿itcoin: Currency of Resistance!

Quote from: EricJ2190 on June 21, 2011, 06:04:25 PM

As mentioned by others, simply splitting the wallet, or even an encrypted volume or archive containing the wallet, is not secure. An attacker does not need a whole wallet file to steal from you. All they is a whole private key to an individual address (or enough of it that they can brute force the missing piece) to steal any coins received by that address. With the OP's method, chances are an attacker could steal most if not all of your coins with only one flash drive and your password.

Well, I solved this.

I made a SIMPLE solution, which hosts the entire Bitcoin data (~/.bitcoin) directory, within the "Ubuntu One" free cloud service... Ahh! 100% encrypted by the way...

With no third party softwares.

Take a look at this:

Wallet in the Cloud - Keeping your Bitcoins encrypted and saved into the Cloud!
http://forum.bitcoin.org/index.php?topic=22386.0

What do you guys think about my solution?!

It is really easy to do by everybody... No complications.

And it can be easily changed, or used with a USB pendrive instead a Cloud environment... But always use a Live CD, even to mount your encrypted USB Pendrive.

Cheers!
Thiago

EricJ2190

full member

Activity: 134

Merit: 102

Actually, I noticed that he is also using multiple key files, so you actually would need two of the drives to get the full key to decrypt any of the archive. However, the part about splitting the TrueCrypt volume itself is pointless and unnecessary, as far as I can tell.

johanatan

member

Activity: 84

Merit: 10

Quote from: bcearl on June 27, 2011, 02:04:37 AM

Quote from: johanatan on June 27, 2011, 02:01:54 AM

Quote

If something is made up of 6 parts, and you only have 5 of the parts, and each part is unique, you do not have the whole thing. That is not something I am just hoping, that is fact, I know that if you don't have all 6 parts you don't have all 6 parts.

I haven't read the rest of the thread from here but something you guys seem to be missing (and which is mere speculation on my part as I haven't read the bitcoin client code yet) is that:

-. the wallet.dat file may be entirely useful even in part. For example, consider that the private keys are stored in sequential order with no striping (distribution). Having just one or a few parts of a wallet.dat would then allow you to recover some of the funds (via the private keys it contains).

I think the OP wanted to split the encrypted file. But thats no proof of security either. Without a good argument supporting it, you shouldn't trust it. I agree with you.

Yea, he only mentioned one password and 6 key files. Presumably if you have one of the parts and the password (and one of the key files), then you can get part of the wallet.dat (and thus part of the coins).

bcearl

full member

Activity: 168

Merit: 103

Quote from: johanatan on June 27, 2011, 02:01:54 AM

Quote

If something is made up of 6 parts, and you only have 5 of the parts, and each part is unique, you do not have the whole thing. That is not something I am just hoping, that is fact, I know that if you don't have all 6 parts you don't have all 6 parts.

I haven't read the rest of the thread from here but something you guys seem to be missing (and which is mere speculation on my part as I haven't read the bitcoin client code yet) is that:

-. the wallet.dat file may be entirely useful even in part. For example, consider that the private keys are stored in sequential order with no striping (distribution). Having just one or a few parts of a wallet.dat would then allow you to recover some of the funds (via the private keys it contains).

I think the OP wanted to split the encrypted file. But thats no proof of security either. Without a good argument supporting it, you shouldn't trust it. I agree with you.

johanatan

member

Activity: 84

Merit: 10

Quote

If something is made up of 6 parts, and you only have 5 of the parts, and each part is unique, you do not have the whole thing. That is not something I am just hoping, that is fact, I know that if you don't have all 6 parts you don't have all 6 parts.

I haven't read the rest of the thread from here but something you guys seem to be missing (and which is mere speculation on my part as I haven't read the bitcoin client code yet) is that:

-. the wallet.dat file may be entirely useful even in part. For example, consider that the private keys are stored in sequential order with no striping (distribution). Having just one or a few parts of a wallet.dat would then allow you to recover some of the funds (via the private keys the part contains).

EDIT: Just saw Eric's post. I concur.

bcearl

full member

Activity: 168

Merit: 103

Quote from: Rogue Star on June 26, 2011, 01:34:53 PM

i would agree with not trusting a hidden volume, but could we agree that it would be safer than a non-hidden volume, except perhaps barring damning evidence supporting otherwise?

But what's the advantage compared with an AES-encrypted file that you delete? It is still on disk, but looks like random data. And it has a major advantage: It is way smaller and looks way less suspicious than a 5 gigabyte blob (perhaps with macroscopic patterns of a TrueCrypt hidden volume).

Rogue Star

member

Activity: 89

Merit: 10

i would agree with not trusting a hidden volume, but could we agree that it would be safer than a non-hidden volume, except perhaps barring damning evidence supporting otherwise?

bcearl

full member

Activity: 168

Merit: 103

Quote from: Dirt Rider on June 23, 2011, 09:44:13 AM

Quote from: bcearl on June 23, 2011, 01:44:37 AM

It is an unsupported claim of TrueCrypt, you should not trust it.

Their website and all of their documentation would lead one to believe otherwise. I have experiemented with the feature personally and have yet to see anything (other then your suggestion) that suggests that it shouldn't be used. I don't suppose you have any supporting information you'd like to share?

That's not the point. They have to prove that their claim is true. Until they haven't done that, you should not trust it. That's the only way to do security.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: bcearl on June 23, 2011, 01:44:37 AM

It is an unsupported claim of TrueCrypt, you should not trust it.

Their website and all of their documentation would lead one to believe otherwise. I have experiemented with the feature personally and have yet to see anything (other then your suggestion) that suggests that it shouldn't be used. I don't suppose you have any supporting information you'd like to share?

bcearl

full member

Activity: 168

Merit: 103

Quote from: Dirt Rider on June 22, 2011, 04:51:21 PM

Quote from: bcearl on June 22, 2011, 04:12:25 PM

Except that the hidden volume isn't actually hidden.

Based on my understanding it is hidden, hence it's name, hidden volume. Do you have some information that suggests otherwise?

It is an unsupported claim of TrueCrypt, you should not trust it.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: EricJ2190 on June 21, 2011, 06:04:25 PM

As mentioned by others, simply splitting the wallet, or even an encrypted volume or archive containing the wallet, is not secure. An attacker does not need a whole wallet file to steal from you. All they is a whole private key to an individual address (or enough of it that they can brute force the missing piece) to steal any coins received by that address. With the OP's method, chances are an attacker could steal most if not all of your coins with only one flash drive and your password.

If you don't have the entire encrypted volume file, and you don't have all of the encryption key files that the volume was encrypted with, how exactly do you go about unencrypting the volume and accessing what data is there?

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: bcearl on June 22, 2011, 04:12:25 PM

Except that the hidden volume isn't actually hidden.

Based on my understanding it is hidden, hence it's name, hidden volume. Do you have some information that suggests otherwise?

bcearl

full member

Activity: 168

Merit: 103

Quote from: Dirt Rider on June 21, 2011, 04:22:29 PM

Quote from: Sottilde on June 21, 2011, 04:08:34 PM

Why not just create a split WinRAR archive with a strong password and do the same with the USB keys? Seems an awful lot easier to me than messing with TrueCrypt.

That would work just fine also - how the wallet is encrypted and split is a matter of personal preference. However, the hidden volume option with TrueCrypt is interesting - allows you to essentially have 2 different passwords, one would only allow access to a decoy wallet, with a tiny amount of BTC and no way to prove the hidden volume (with the real savings wallet) even exists.

Except that the hidden volume isn't actually hidden.

EricJ2190

full member

Activity: 134

Merit: 102

As mentioned by others, simply splitting the wallet, or even an encrypted volume or archive containing the wallet, is not secure. An attacker does not need a whole wallet file to steal from you. All they is a whole private key to an individual address (or enough of it that they can brute force the missing piece) to steal any coins received by that address. With the OP's method, chances are an attacker could steal most if not all of your coins with only one flash drive and your password.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: Sottilde on June 21, 2011, 04:08:34 PM

Why not just create a split WinRAR archive with a strong password and do the same with the USB keys? Seems an awful lot easier to me than messing with TrueCrypt.

That would work just fine also - how the wallet is encrypted and split is a matter of personal preference. However, the hidden volume option with TrueCrypt is interesting - allows you to essentially have 2 different passwords, one would only allow access to a decoy wallet, with a tiny amount of BTC and no way to prove the hidden volume (with the real savings wallet) even exists.

Sottilde

newbie

Activity: 10

Merit: 0

Why not just create a split WinRAR archive with a strong password and do the same with the USB keys? Seems an awful lot easier to me than messing with TrueCrypt.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: Vladimir on June 19, 2011, 07:02:57 AM

Than if someone tries to take your bitcoin QR laser you do this http://www.youtube.com/watch?v=kg8lDZXyvMQ

Other then the few decades of training, I like this idea - maybe I can hire a hapkimudo bodyguard! Know any that will work for BTC?

Hey bcearl, will this pass as a "proven" approach?

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: bcearl on June 18, 2011, 02:47:31 PM

In my opinion everybody is free to do as he likes, but when people start to spread their unproven ideas to other users (who may be noobs who just follow the advice without having the capabilities to review it themselves) I get a little upset.

Hence why the word "Hopefully" is included in the thread title, and why I worded the OP as I did. I am sorry that my thread has "upset" you. But regardless of who I might upset, I don't have any qualms about throwing out an idea that I have personally tested, that I personally have faith in, and I believe provides more security and redundancy than many of the other concepts that other's have presented. Is this forum not the ideal place to present such ideas to the community for feedback?

And, unless I am missing something, we have yet to come up with a reason why this concept should specifically NOT be used. I for one would never suggest that ANY of the concepts presented to date are perfect and are ideal for anyone and everyone to use.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: ben-abuya on June 18, 2011, 05:54:37 PM

http://point-at-infinity.org/ssss/

Thanks for the link! It is for Linux only apparently but there are other implementations at the bottom of the wiki page previously referenced by bcearl: http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

Quote from: ben-abuya on June 18, 2011, 05:54:37 PM

... You're putting almost all your trust into the safe deposit box.... The passphrase is sitting right next to it so it doesn't really serve a purpose in this scenario...

Actually no, because there is only 1 USB in that safe deposit box and it does not include all required pieces, I will need 2 of the 6 to have everything needed to access the wallet.

Quote from: ben-abuya on June 18, 2011, 05:54:37 PM

Each extra piece is also a risk because you could lock yourself out even without a thief...

In order to lose a wallet or lock myself out, I would need to lose 5 of the USBs or 5 would have to go bad or be otherwise unusable, or I would have to lose the passphrase, but that will be stored in a few different locations (separate from the USBs with the exception of the one in the safe box). Or as you suggested, I could just not use a passphrase at all.

Thanks for the response and feedback!

Vladimir

hero member

Activity: 812

Merit: 1001

-

A miniature carrot shaped laser which projects your bitcoin keys as QR code on a wall. This laser is surgically implanted in your hip. This in combination with a few decades of intense hapkimudo (http://www.youtube.com/watch?v=GOCgfuajpJs http://www.youtube.com/watch?v=M64skAfLIZc http://www.youtube.com/watch?v=NrWCYk6_4cg ohh and of course this one too http://www.youtube.com/watch?v=1PMhkUH8ARU Grin

) training should make it fairly secure.

Than if someone tries to take your bitcoin QR laser you do this http://www.youtube.com/watch?v=kg8lDZXyvMQ

Topic: A Secure and Redundant Savings Wallet Concept, Hopefully (Read 5081 times)