Author

Topic: Bitcoin and Diceware (Read 70 times)

hero member
Activity: 714
Merit: 521
September 18, 2023, 05:30:35 AM
#2
While the bias against crypto is not something I am going to talk about, it is the use of diceware passwords for wallet security which I would like to counter.

Thanks for this information updates, i have also seen some people out of carelessness trying to secure their wallet security ended in making it vulnerable for an attack, anything that has to come from a modification of any centralized institution to secure our wallet may also in disguise have another hidden agenda to steal our coins from us, use of bitcoin diceware to generate a wallet password as it has been quoted above could have some ways of exposing us as well to attack, it's not about using a password that guides our bitcoin, the way we handle our private keys matters as welll in other not to get anyone of them compromised, maybe lately some prefer the use of 2FA in this regard.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 18, 2023, 04:08:18 AM
#1
Diceware is the most secure method for you to generate a password for your accounts, as long as you are generating the words safely, whether via an offline webpage or air-gapped computer or just by rolling dice and flipping coins.

However, there is some misinformation on the page's website which I would like to clear up.

FAQ: What are some BAD use cases for Diceware?
You should not use Diceware in any cases where it is highly likely an attacker can get a copy of your encrypted password and use high-volume cracking attempts against it. A bad case--possibly the worst case--for using Diceware would be to secure your BitCoin wallet, because all BitCoin nodes have a copy of the BitCoin Ledger, and an attacker could attempt password cracking your wallet.
Better still, don't use BitCoin. (Seriously, avoid crypto and NFTs.)

While the bias against crypto is not something I am going to talk about, it is the use of diceware passwords for wallet security which I would like to counter.

When you encrypt a Bitcoin Core wallet with a password, the private keys are protected with AES-256-CBC encryption. This is more secure than storing a hash of the password, especially if it is not salted. The fact that you use diceware passwords over a 30 character random password will give it more entropy than the latter password making it harder to crack.

Electrum wallets have an even more secure encryption. An Electrum wallet is protected with:

...If you leave the current default method of full file encryption then it encrypts using AES with a key generated with 1024 rounds of PBKDF2 + HMAC SHA512 plus an EC pt multiply, SHA512 and SHA256 added in for fun.

I would only be guesstimating but looking at Hashcat support for PBKDF2+HMAC-SHA512 it looks like all of this would bring it down to about 3-4 keys/second or less. You would probably instead skip the PBKDF2 and just brute force on the 256 bit final key, which would be slower than just brute forcing private keys.

which basically means that sufficiently long diceware passwords are basically uncrackable with even the latest gen AI GPUs.
Jump to: