
Topic: Cold storage hybrid wallet idea - criticism welcomed!

Hi everyone,

Here is my idea for how I was going to keep my coins for long term saving. It is kind of a hybrid cold storage/brain wallet idea. I liked the idea of convenience provided by a brainwallet, but not the potential risk that a password without enough entropy would eventually be hacked. I also wanted to be able to keep my private key in some form where it could be accessed anywhere in the world. So anyway, here is my plan:

1) Generate a standard public/private key pair using bitaddress.org offline on a fresh OS install that has never been connected to the internet.
2) I will then encrypt the bitcoin private key using AES encryption. The AES decryption key will be a long seemingly random password, for example:

Full Decryption Key: 123452335 BBBA HP136QT

However, this password will actually be remembered using a mnemonic reminder that would only make sense to me, e.g.:

Decryption Key Mnemonic: SS EDEXAM PC1

Where:

SS= social security number
EDEXAM = my exam results
PC1 = Zipcode of my first house

I won't keep the full AES decryption key written out in full anywhere. I will only write down/memorize the mnemonic, from which I could later construct the full decryption key. The only time I would ever write out the full decryption key would be in the *offline* decryption software, when decrypting my bitcoin private key.

By doing this, I will actually be able to store both the encrypted private key and the mnemonic (not the full decryption key!) in a fairly insecure but convenient place, let's say my gmail account, and email it to a few other reasonably secure (but not necessarily infallible) places... so I would email the following two bits of information to myself:

AES Encrypted private key: U2FsdGVkX19a7dz/OAYELQsjCiGl90GH0XSRAhtY4y2d61s8Byclz7/wMaRNA5ca
Decryption key Mnemonic: SS EDEXAM PC1

This to me provides the advantage of not needing to keep a physical paper wallet anywhere, which is not convenient and could still be lost in fire or theft, etc. I would be able to get access to my wallet from anywhere, but only after decrypting the private key, which is only possible using the mnemonic that only makes sense to me. I would probably keep a paper wallet backup, but this would still be the encrypted form of the key, with the mnemonic - not the raw private key itself. It would not be clear to a potential attacker that the encrypted private key has anything to do with bitcoin whatsoever.

The full decryption key will actually be a lot longer and more complicated/abstract than this example which was only based on 3 bits of info.

I hope that makes sense. Does anybody see any flaws with this idea?

Many thanks!

Alex