Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key - page 7. (Read 152995 times)

Anyone can guarantee for using these service? I mean, how if site got hacked

Your coins were sent to 1A8hjfvXMeiss9fEtpS5qGSFAa28MdXqDQ.

Hi. I think a brain wallet made from BitAddress.org got hacked.
The brain term was 15 characters long. Is that sufficient?

I'm new to much of this - but here is the PUBLIC address of the wallet:
12ZcsaB7DhDvWjkDAA59E3gfd8SXdDfRKV

I'm trying to read this on blockchain.info
I'm trying to find the address that the final .5 bitcoin was xferred to on 11/13/2016
I think i'm reading something wrong because the address I think it goes to has a larger balance but shows only (1) transaction. I can't see how that could be. Could someone help me understand this?
What is the address that the last transaction goes to?

Thanks so much...

That means, it is still insecure.

love Bitaddress.org !

but a better implementation of a BrainWallet is WarpWallet because it needs more computing resources to attack it.

https://keybase.io/warp

Nice work!
Keep on!

^^ Very interesting analysis you wrote right here but don't forget that Bitaddress' core business is Paper Wallet not Brainwallet.

Your post might be interpreted in many other manners... 

Devs do not suggest people use Brainwallets because humans can Never come up with something
as cryptographically secure as a truly random number.
One of the problems Bitcoin has is the speed with which a Sha256 Hash can be calculated from a password in put.
Billions of Hashes per second are possible today with a modern PC and decent graphics card.

Here's the basics of passwords.

Let's imagine you had to create a password, but were only allowed to use 1 letter for your password.
That would mean your password is one of only 26 possibilities (assuming our English alphabet)

Mathematically that would be represented as 26 to the power 1 which equals 26.

Now imagine we were allowed two letters in our password, it could be anything from aa, ab,ac...az, ba, bb...zz
The number of possibilities would then be 26 to the power 2.

Now imagine we are allowed to use both upper and lower characters, this would give a possible number of
combinations as 52 to the power 2.

Add in the numerical digits and we have 62 to the power 2 (remember we can only use 2 alphanumeric chars at this point)

Now let us add in say, 10 Special Characters eg, - + { [ ] } * £ $ %

Now we have 72 to the power 2 (72 squared possibilities) where the 2 comes from the number of characters we are alloweed to use.

Now let us be allowed to use 8 characters in our password.

That gives us a number of possible combinations as 72 to the power 8 which is  722,204,136,308,736

722 Trillion possible combinations.

While that sounds a lot of possibilities, remember, computers can calculate Sha 256 Hashes at a rate of Billion per second,
assuming a single PC (IE not including multiple PCs working together as in a Botnet, or a Govt or Private Supercomputer)

a Trillion is only 1000 x a Billion, so this means a PC could theoretically calculate all the possible hashes of an 8 char password in
1000 seconds (roughly)

In order to keep our password out of the clutches of hackers, we need Trillions of Trillions of Possibilities at least.

That means we need at least another 3 characters, at a bare minimum, even that would barely take us out of the reach of
Hackers using Brute force methods.
So we need 8 + another 10 characters at least, let's say twenty characters.

You might want to try input on your calculator what 72 to the power 20 is...
It's a huge number ~ 1.4   X 10^37   way out of the reach of any Hacker using a PC and possibly out of the reach of a Govt agency
using a super computer.

It's tempting to think then that if I have a brainwallet password that's 20 characters long, then it's secure enough and the answer
is that it might not be.
The problem is that Hackers have several character sets they can use, they can use dictionary words like Mike, or Church or Kitten.
While the word 'Kitten' has 6 characters in it, it should really only be calculated as one character because it's a dictionary word.
It's trivial for a modern PC to go through all the words in the dictionary, therefore any words you use in your brainwallet password
should be calculated as 1 character, not 6 as in the case of kitten.

Eg, if your brainwallet password is ***Robert-14091963***  A password that might be used by someone called Robert who was born on
14/09/1963

This is 21 characters long, Mathematically it might appear to be highly secure, but remember, there are far fewer 6 letter words
than the random 52^6 possibilities that it replaces.
In other words, we've reduced the strength of our password by 52^6 Ie we're reduced our password strength by 19 Trillion.
Many passwords will also have a birthdate in them, eg, 14091963  the problem with using a birthday in your password is that noone
alive today was born after 1900 (OK, a few exceptions) this means that there are very much fewer possibilities
because no one for example was born in 1658 (although someone might use that date, but the vast majority of birthdates
used in brainwallet passwords is going to be from Jan 1st 1900 onwards.  
a mere 117 years, x 365 days, a mere 42,000 possibilities, which is trivial for a PC to run through.

As a crude calculation, if you have used in your password, a name and a birthdate, the name and the birthdate
should be treated as 1 character each.

This means that cryptographically, our Password above ***Robert-14091963*** should not be regarded as a 21 character
password, but as a 9 character password.

This is well within the reach of Brainwallet hackers.

Personally, I love the concept of Brainwallets, they allow people to effectively store wealth in their head, but it's very important
that people understand their potential weaknesses, if used naively.

There are a number of solutions to this, being more cryptic with your passwords, increasing the length etc.
Another way is to generate your Bitcoin, Sha256 hashes (Public and private keys) using a much slower hashing algorithm.
This is the method chosen by Warpwallet.

https://keybase.io/warp/warp_1.0.8_SHA256_5111a723fe008dbf628237023e6f2de72c7953f8bb4265d5c16fc9fd79384b7a.html

Note the Sha256 hash

Here's a discussion on Warp wallet on reddit

https://www.reddit.com/r/Bitcoin/comments/37s8bj/psa_warp_wallet_is_a_much_better_brain_wallet/

The purpose of this post is not to suggest one method over another but to hopefully illustrate why they must be
used with a Great deal of thought, as does any method in storing cryptocurrencies.

  

That's it, well spotted, saved the pages as HTML only and the Sha256 Hash is now :-

dec17c07685e1870960903d8f58090475b25af946fe95a734f88408cef4aa194

As it should be.

Thanks for taking the time to look in to this,
Now I know I can trust the page offline.

You must save the page as "HTML only" otherwise the browser returns a version with different spacing and HTML tags the browser slightly alters.

at https://bitaddress.org The url is :-

https://www.bitaddress.org/bitaddress.org-v3.3.0-SHA256-dec17c07685e1870960903d8f58090475b25af946fe95a734f88408cef4aa194.html

I'd expect the Sha256 Hash of the downloaded file to be dec17c07685e1870960903d8f58090475b25af946fe95a734f88408cef4aa194

However, after downloading the file and checking it with a Sha256 CRC it gives a Sha256 Hash of

739DDD62F01F06DDA02E7E69AEA9AF7526AB2349F02372619B92C5A952E02E6B

Where did I make a mistake.

It's saying the signature is good for the key:


but that it has no way of checking that the key you used is the correct one.

Anyone can make a key for [email protected]. You need to check that you have the right one. If you do, everything is fine, and you can ignore the warning.

v3.3.0
https://www.bitaddress.org/bitaddress.org-v3.3.0-SHA256-dec17c07685e1870960903d8f58090475b25af946fe95a734f88408cef4aa194.html
 - remove support for IE8
 - small translations updates for hu and pt-br

Thanks for checksum validation fix!

v3.2.3
https://www.bitaddress.org/bitaddress.org-v3.2.3-SHA256-c9a0bb3ed50aa75a5ae9c606d81e3fd41a4ff686ad38ad5379e2402f481e79a4.html
 - wallet details: show error when checksum validation fails
 - wallet details: show error when private key outside of curve range

No they dont have to and they should not as they are unable to actually verify your identity[1]. The important part is that signature is valid, which it is:
"gpg: Good signature from "pointbiz <[email protected]>""

Whether or not the key should be trusted has nothing to do with the verification of the code, its about verification of the key used to sign. If you just not want to see the message, sign the key locally with --lsign-key.


[1] I guess it depends how you use the WoT here.

Yeah he has to sign my key or Web of Trust

In the original post I put my key fingerprint
527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A

There is an issue on github where I also list the fingerprint and on bitaddress.org

If one of the 3 doesn't match then something has happened.

I think you have to add his PGP key to your keyring, or you have to sign his key first.

Got another quick question, trying to test the PGP and SHA256 of the files.

Here is what I did following the first post in this thread with the updated signatures.


IN the end I get a WARNING however