
Topic: BrainWalletCoin (Read 528 times)

full member
Activity: 474
Merit: 111
June 12, 2014, 08:32:29 PM
#5
But doesn't that method solve the problem? I'm no cryptographer, but as I understand it, Bcrypt is thousands of times slower than Sha256.

Thinking about Brainwallet org or Bitaddress org
So adding in a Bcrypt step, Sha256(Bcrypt(Pswd)), makes the resultant public private key pair many orders of magnitude more resistant to rainbow and dictionary attacks.
Though it makes no difference to social engineering attacks, if they know you always use LetMeInNow then....

Bcrypt is also adjustable in that you can decide how many iterations it goes through. That creates a potential problem in that one site might choose 500 iterations, and another differently, so ideally the user should set the number of iterations.
Eg Albert's-BTC-Addr-#3 12101963 (a memorable birthdate determines the number of iterations)
So the iteration becomes a bit like salting.

It's easily remembered, but many orders of magnitude safer than Sha256(Albert's-BTC-Addr-#3)

Which is really a bad password because there are many, many Alberts in the world and I would imagine many, many people will have used or will use something like BTC-Addr in their passphrase.
member
Activity: 98
Merit: 10
May 19, 2014, 09:51:12 PM
#4
As far as security goes, you might be horrified to find mind control is more common than expected.
Remote manipulation of bodily organs sure isn't science fiction, in some cases people may be better off not knowing their PK.

This is true.  Trust me.
member
Activity: 71
Merit: 10
May 18, 2014, 08:49:42 PM
#3
As far as security goes, you might be horrified to find mind control is more common than expected.
Remote manipulation of bodily organs sure isn't science fiction, in some cases people may be better off not knowing their PK.
Brain wallets are probably a very good choice for most people, of course.

I support your endeavor.

sr. member
Activity: 581
Merit: 253
May 18, 2014, 08:09:24 PM
#2
There is nothing stopping you from generating a private key from a really long random passphrase and then importing it to bitcoin.
You can also keep your PK on a USB stick offline. Any brain wallet I think will suffer from rainbow table attacks unless you can seed the PK from a random long phrase.
full member
Activity: 474
Merit: 111
May 13, 2014, 12:47:39 PM
#1
The ability to store wealth in your head with a Pass phrase has got to be a big plus with Cryptocurrencies.

Although it can be done with Bitcoin, it is weak in that the Sha256 hash function is vulnerable to rainbow table attacks.

A crypto that addressed this issue would offer significant advantages to people wanting to secure some of their wealth, providing they were willing to accept the responsibility for memorising their passphrase.

Could Bitcoin be altered so that it utilised bcrypt? Maybe Brain wallet services like Bitaddress.org could be modified to use the function

Sha256(bcrypt(Passphrase))

Is that the simplest way of hardening the use of Brainwallets?

Could bitcoin be modified to harden BTC Brainwallets from attack, or would it require another coin?
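
An added example, not part of any post in the thread: the Sha256(slow(Passphrase)) construction raised in posts #1 and #5, with a user-chosen iteration count, next to the plain Sha256(Passphrase) derivation. bcrypt is not in Python's standard library, so PBKDF2-HMAC-SHA256 stands in as the adjustable slow step; the fixed salt, the function names and the iteration counts are assumptions made for the example.

```python
import hashlib
import time

# Order of the secp256k1 group; a Bitcoin private key must lie in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Assumption: a fixed, public salt. A brainwallet has to be reproducible from
# memory alone, so the salt cannot be random per user.
FIXED_SALT = b"brainwallet-example-salt"


def plain_key(passphrase: str) -> bytes:
    """Classic brainwallet: private key = Sha256(passphrase)."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def stretched_key(passphrase: str, iterations: int) -> bytes:
    """Sha256(slow(passphrase)); PBKDF2 stands in for bcrypt here."""
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    slow = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               FIXED_SALT, iterations)
    return hashlib.sha256(slow).digest()


def is_valid_private_key(key: bytes) -> bool:
    """A 32-byte digest is only usable if it falls inside the curve order."""
    return len(key) == 32 and 0 < int.from_bytes(key, "big") < SECP256K1_N


def cost_ratio(passphrase: str, iterations: int, plain_rounds: int = 20000) -> float:
    """How many times longer one stretched derivation takes than one plain one."""
    start = time.perf_counter()
    for _ in range(plain_rounds):
        plain_key(passphrase)
    plain = (time.perf_counter() - start) / plain_rounds
    start = time.perf_counter()
    stretched_key(passphrase, iterations)
    return (time.perf_counter() - start) / plain


if __name__ == "__main__":
    phrase = "Albert's-BTC-Addr-#3"      # passphrase quoted in post #5
    for count in (100_000, 200_000):     # constructed iteration counts
        key = stretched_key(phrase, count)
        print(count, key.hex(), is_valid_private_key(key))
    print("time per derivation vs plain Sha256: x%.0f" % cost_ratio(phrase, 200_000))
```

A different iteration count gives an unrelated key, so the count has to be remembered exactly along with the passphrase.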