Author

Topic: BrainWalletCoin (Read 553 times)

full member
Activity: 474
Merit: 111
June 12, 2014, 07:32:29 PM
#5
But doesn't that method solve the problem, I'm no cryptographer, but as I understand it, Bcrypt is thousands of times slower that Sha256.

Thinking about  Brainwallet org   or   Bitaddress org
So adding in a Bcrypt step   Sha256(Bcrypt(Pswd)))   makes the resultant public private key pair many orders of magnitude resistant to rainbow and  dictionary attacks.
Though it makes no difference to social engineering attacks, if they know you always use LetMeInNow then....

Bcrypt is also adjustable in that you can decide how many iterations it goes through, that creates a potential problem in  that one site might choose 500 iterations, and another differently so ideally, the user should set the  the number of iterations.
Eg Albert's-BTC-Addr-#3  12101963   (a memorable  birthdate determines the number of iterations)
So the iteration becomes a bit like salting.

Its easily remembered. but many orders of magnitude safer  than  Sha256(Albert's-BTC-Addr-#3)

Which is really a bad Pass wd because there are many many Alberts in the world and I would imagine many many people will have used or will use something like BTC-Addr in their Passphrase.
member
Activity: 98
Merit: 10
May 19, 2014, 08:51:12 PM
#4
As far as security goes, you might be horrified to find mind control is more common than expected.
Remote manipulation of bodily organs sure isn't science fiction, in some cases people may be better off not knowing their PK.

This is true.  Trust me.
member
Activity: 71
Merit: 10
May 18, 2014, 07:49:42 PM
#3
As far as security goes, you might be horrified to find mind control is more common than expected.
Remote manipulation of bodily organs sure isn't science fiction, in some cases people may be better off not knowing their PK.
Brain wallets are probably a very good choice for most people, of course.

I support your endeavor.

sr. member
Activity: 581
Merit: 253
May 18, 2014, 07:09:24 PM
#2
There is nothing stopping you to generate a private key from a really long random passphrase and then import it to bitcoin.
You can also keep your PK on a USB stick off line. Any brain wallet I think will suffer from rainbow table attacks unless you can seed the PK from a random long phrase.
full member
Activity: 474
Merit: 111
May 13, 2014, 11:47:39 AM
#1
The ability to store wealth in your head with a Pass phrase has got to be a big plus with
Cryptocurrencies.

Although it can be done with Bitcoin, it is weak in that the Sha256 hash function is vulnerable to
rainbow table attacks.

A crypto that addressed this issue would offer significant advantages to people wanting to secure some of their wealth, providing
they were willing to accept the responsibility for memorising their passphrase.

Could Bitcoin be altered so that it utilised bcrypt, maybe Brain wallet services like Bitaddress.org could be modified to use the function

Sha256(bcrypt(Passphrase))

Is that the simplest way of hardening the use of Brainwallets.

Could bitcoin be modified to harden BTC Brainwallets from attack or would it require another coin.
Jump to: