Pages:
Author

Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 14. (Read 153479 times)

sr. member
Activity: 337
Merit: 250
SHA1 hash does not match.  I get:  49713367a1fa3f9ed189702064fd7cc5c3584699
legendary
Activity: 1264
Merit: 1008
Has anybody noticed CVE-2014-6342?  
http://www.symantec.com/security_response/vulnerability.jsp?bid=70341

Many hosts are now actively blocking bitaddress.org.html. 

It seems that our method of stuffing a png file in a webpage is no longer compliant.  Is there a branch out there that uses a different style?  
legendary
Activity: 840
Merit: 1000
I understand that Devs don't like Brainwallets because they know people are going to resort to the same sort of easy to remember  passwords that they already use.
What's needed is a way of hardening private keys generated by Brainwallets from attack from Rainbow table generation.

I understand that the way brainwallets are created now is   Sha256(Pswd)

Wouldn't a simple way to slow down the creation of rainbow tables be to use Sha256(Bcrypt(Pswd))

It would never protect a truly bad password like 'password123' but would help harden moderately good passwords. from attack.



Sounds good.
legendary
Activity: 840
Merit: 1000
I've checked out the GitHub-repo, in order to fork it for a Mooncoin-paper-wallet-solution.
Can anyone here give me hint on how to adapt the relevant places in the code, in order to make it work with Mooncoin?

Thank you in advance. To the MOON!  Wink
hero member
Activity: 784
Merit: 500
Great site and repo, lot of thanks. Great you implemented BIP38 encryption also!
legendary
Activity: 1512
Merit: 1012
French Translation about the notice.

Quote
Official Notice ... displayed on the French menu



A Bitcoin wallet is as simple as a single pairing of a Bitcoin address with it's corresponding Bitcoin private key. Such a wallet has been generated for you in your web browser and is displayed above.

To safeguard this wallet you must print or otherwise record the Bitcoin address and private key. It is important to make a backup copy of the private key and store it in a safe location. This site does not have knowledge of your private key. If you are familiar with PGP you can download this all-in-one HTML page and check that you have an authentic version from the author of this site by matching the SHA1 hash of this HTML with the SHA1 hash available in the signed version history document linked on the footer of this site. If you leave/refresh the site or press the Generate New Address button then a new private key will be generated and the previously displayed private key will not be retrievable. Your Bitcoin private key should be kept a secret. Whomever you share the private key with has access to spend all the bitcoins associated with that address. If you print your wallet then store it in a zip lock bag to keep it safe from water. Treat a paper wallet like cash.

Add funds to this wallet by instructing others to send bitcoins to your Bitcoin address.

Check your balance by going to blockchain.info or blockexplorer.com and entering your Bitcoin address.

Spend your bitcoins by going to blockchain.info and sweep the full balance of your private key into your account at their website. You can also spend your funds by downloading one of the popular bitcoin p2p clients and importing your private key to the p2p client wallet. Keep in mind when you import your single key to a bitcoin p2p client and spend funds your key will be bundled with other private keys in the p2p client wallet. When you perform a transaction your change will be sent to another bitcoin address within the p2p client wallet. You must then backup the p2p client wallet and keep it safe as your remaining bitcoins will be stored there. Satoshi advised that one should never delete a wallet.



Quote
French translation



Un porte-monnaie Bitcoin est aussi simple qu'une paire d'adresses Bitcoin dont une correspond à l'adresse privée Bitcoin.
Ce porte-monnaie affiché a été généré pour vous dans votre propre navigateur internet et est donc affiché ci-dessus.

Pour garder en sécurité ce porte-monnaie, vous devez l'imprimer ou, alternativement, enregistrer l'adresse de réception Bitcoin et la clé privée. Il est important de créer une copie de sauvegarde de la clé privée et de la stocker à un endroit sûr. Ce site n'a aucune base prédéterminée ou de sauvegarde de votre clé privée. Si vous êtes initiés à PGP, vous pouvez télécharger la version toute-en-1 de la page HTML et ainsi vérifier que vous avez une version authentique issue de l'auteur du site en comparant l'encryptage SHA1 de votre page HTML sauvegardée avec l'encryptage SHA1 disponible sur l'historique certifiée indiquée en bas de ce site. Si vous quittez ou rafraichissez ce site ou que vous appuyez sur "générer une nouvelle adresse" ... alors une nouvelle clé privée sera générée et la précédente clé privée affichée ne pourra plus être retrouvée. Votre clé privée Bitcoin doit être gardée secrète. Celui qui connaît la clé privée aura la possibilité de vider tous les bitcoins accumulés et associés à l'adresse de réception. Si vous imprimez le porte-monnaie, pensez à le mettre à l'abri de l'eau dans un sac étanche. Traitez le porte-monnaie papier comme de l'argent en espèces et billets.

Pour ajouter des fonds à votre porte-monnaie, indiquez d'envoyer les Bitcoins à votre adresse de réception.

Vérifier le contenu de votre porte-monnaie en consultant blockchain.info ou blockexplorer.com et en y tapant votre adresse de réception Bitcoin.

Pour dépenser vos bitcoins, allez sur blockchain.info et transférez l'ensemble des fonds de votre adresse privée vers le compte de ce site. Vous pouvez, aussi, dépenser vos fonds en téléchargeant un des programmes P2P bitcoin populaires et en y important votre clé privée dans un porte-monnaie P2P. Gardez à l'esprit que quand vous importez votre clé privée dans le programme P2P bitcoin et que vous dépensez vos fonds, votre clé privée sera intégrée avec d'autres clés privées dans le porte-monnaie P2P. Quand vous effectuez une transaction, le changement sera envoyé sur une autre adresse bitcoin privée à l'intérieur du porte-monnaie P2P. Vous DEVEZ, alors, faire une sauvegarde du porte-monnaie P2P et le garder en sécurité car l'ensemble des bitcoins restant y sera stocké. Satoshi a averti qu'il ne faudrait jamais supprimer un porte-monnaie.

legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
In addition to the "Print" buttons, would it be possible to also add a "Save" button so that the wallet information could be saved on removable storage (for example, SD Card running Raspberry PI)?

Which OS are you using? You don't have the "Print as .pdf" option in your printer dialog?

Edit: Ok, RPi Wink  No option like that?
newbie
Activity: 8
Merit: 0
In addition to the "Print" buttons, would it be possible to also add a "Save" button so that the wallet information could be saved on removable storage (for example, SD Card running Raspberry PI)?
legendary
Activity: 1876
Merit: 1475
Could you possibly make a wallet using a deck of cards? There are an insane amount of combinations possible, and you could at least just make a brainwallet by putting in the cards in order. Then you can just keep the deck in that order to save it.

Yes. Just shuffle a deck well and deal a few cards then enter them, using a code for each card, as the password in a brain wallet generator. Something like 1H for ace of hearts and KS for king of spades.

You need to pick the entropy you want, which will give you how many cards are needed in the deal. The whole deck gives you 52! combinations or 226 bits of entropy. You probably don't need much more than 100 bits though - so, fewer cards.

Number   Bits of
of cards   Entropy
15               82
16               87
17               93
18               98
19               103
20               108
21               113
22               118
23               123
24               128
25               132



I found this idea very interested and just finished creating and Android app to do that: Deck Wallet.

https://bitcointalk.org/?topic=811397

Any feedback is appreciated.
sr. member
Activity: 437
Merit: 415
1ninja
pointbiz

SHA1 is compromised and it is possible to make file with the same SHA1 hash like published here in the first page.

Can you change verification algorithm with some more secure, please?

I can consider switching to SHA256 however can you provide a link that proves SHA1 collision resistance is compromised?
sr. member
Activity: 437
Merit: 415
1ninja
Hi,

I'm trying to create a BIP38 password protected paper wallet on windows XP 32bit using firefox 30 but it never completes the task, opening the web console I see an out of memory exception a few seconds after it starts making them.

See attached image.

http://imgur.com/BNjhW2r

Normal paper wallets are created without problems.

Best regards.

spiccioli


There are minimum hardware requirements for BIP38 so there won't be any way to fix this.
sr. member
Activity: 437
Merit: 415
1ninja
new SSL fingerprint for cert expiring sept 2019
44:29:59:A4:66:44:C7:EC:43:DF:22:AE:1A:B3:9E:E3:64:44:10:F8
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with this line:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
if ("combineinput" == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};


Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) new private key.



Excellent effort! I will give it a go.

Did you submit a pull request?
newbie
Activity: 1
Merit: 0
Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with this line:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
if ("combineinput" == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};


Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) new private key.

hero member
Activity: 700
Merit: 500
Is there a way to take this website offline and put it on a thumb drive or a external hard drive. Maybe even a smart phone?

You can just download it from GitHub:
https://github.com/pointbiz/bitaddress.org
legendary
Activity: 978
Merit: 1001
Is there a way to take this website offline and put it on a thumb drive or a external hard drive. Maybe even a smart phone?
legendary
Activity: 1379
Merit: 1003
nec sine labore
Hi,

I'm trying to create a BIP38 password protected paper wallet on windows XP 32bit using firefox 30 but it never completes the task, opening the web console I see an out of memory exception a few seconds after it starts making them.

See attached image.

http://imgur.com/BNjhW2r

Normal paper wallets are created without problems.

Best regards.

spiccioli
full member
Activity: 474
Merit: 111
I understand that Devs don't like Brainwallets because they know people are going to resort to the same sort of easy to remember  passwords that they already use.
What's needed is a way of hardening private keys generated by Brainwallets from attack from Rainbow table generation.

I understand that the way brainwallets are created now is   Sha256(Pswd)

Wouldn't a simple way to slow down the creation of rainbow tables be to use Sha256(Bcrypt(Pswd))

It would never protect a truly bad password like 'password123' but would help harden moderately good passwords. from attack.

legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?
newbie
Activity: 18
Merit: 0
pointbiz

SHA1 is compromised and it is possible to make file with the same SHA1 hash like published here in the first page.

Can you change verification algorithm with some more secure, please?
Pages:
Jump to: