
Topic: GnuPG versus TrueCrypt (Read 28791 times)

legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
August 01, 2011, 10:52:38 PM
#90
Quote
It is my belief that bitcoin is not yet ready for users uncomfortable with the command line,

I agree.

It should be the first question someone asks an exchange before committing funds ... "do you have someone on your team who can do CLI encryption and bitcoind calls?"
sr. member
Activity: 322
Merit: 251
FirstBits: 168Bc
August 01, 2011, 12:26:58 PM
#89
Versioned backups let me sleep soundly at night. I commit all of my symmetrically encrypted wallets into a git repository (any version control system will work, though DVCS have advantages), commit locally after every use and push/sync/replicate periodically.

TrueCrypt will likely expose all of your keys during each use, whereas encrypting individual wallets puts your eggs into multiple lighter baskets. It is my belief that bitcoin is not yet ready for users uncomfortable with the command line, which to me is synonymous with yet unfounded one-click security expectations.
hero member
Activity: 491
Merit: 500
August 01, 2011, 11:37:54 AM
#88
I use gnupg for my wallet but I also have a truecrypt volume where I store some other materials

I use this to automate the process just prompting for password when opening and then upon closing bitcoin to encrypt it again

Code:
seahorse-tool -d ~/.bitcoin/wallet.dat.pgp && /bitcoin-0.3.23/bin/32/bitcoin && rm ~/.bitcoin/wallet.dat.pgp && seahorse-tool -e ~/.bitcoin/wallet.dat && rm ~/.bitcoin/wallet.dat
member
Activity: 238
Merit: 10
August 01, 2011, 11:09:34 AM
#87
nice, didn't know that one;)


Now I am asking myself how sensitive the gpg private key is.
The process is to unlock the private key with my personal password. This private key then decrypts the file that was encrypted with my public key.
How hard is it to derive my personal password from the private key compared to hacking a symmetric gpg key?
newbie
Activity: 14
Merit: 0
August 01, 2011, 11:05:29 AM
#86
Hi,
I found this discussion very interesting as I asked the question myself.
Maybe anyone has already mentioned it, but how do you protect /tmp files or whatsoever?

You need to decrypt your wallet to the .bitcoin directory, or any other place where the blockchain is.
After that you encrypt your wallet again and delete the unencrypted wallet.

Do you use an eraser tool for that? Otherwise it would not be safe enough for me;)

For me I figured out to use a truecrypt container holding my .bitcoin directory.
To backup the wallet only I use pgp and ssh (rsnapshot) to put it on a remote computer.

On linux use the shred command and then delete it:

Code:
shred wallet.dat
rm wallet.dat

EDIT: According to this thread, shred may not do its job properly...
member
Activity: 238
Merit: 10
August 01, 2011, 11:00:21 AM
#85
Hi,
I found this discussion very interesting as I asked the question myself.
Maybe anyone has already mentioned it, but how do you protect /tmp files or whatsoever?

You need to decrypt your wallet to the .bitcoin directory, or any other place where the blockchain is.
After that you encrypt your wallet again and delete the unencrypted wallet.

Do you use an eraser tool for that? Otherwise it would not be safe enough for me;)

For me I figured out to use a truecrypt container holding my .bitcoin directory.
To backup the wallet only I use pgp and ssh (rsnapshot) to put it on a remote computer.
full member
Activity: 168
Merit: 103
June 20, 2011, 05:29:01 AM
#84
So basically you don't know if/what "bcrypt" does anything different than "gpg --cipher-algo BLOWFISH"?

Yes, I never heard of it. I think I personally wouldn't trust anything other than GPG and OpenSSL. But that's because I know them and I know that they are well reviewed. There can be tools with similar standards that I just don't know of.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
June 19, 2011, 05:28:56 PM
#83

Question for GPG knowledgeable;

GPG symmetric encryption of the wallet.dat with Blowfish algo, i.e.

Code:
$gpg --cipher-algo  BLOWFISH -c wallet.dat

is how much different than just using bcrypt?

Code:
$bcrypt wallet.dat

(Besides that gpg doesn't wipe the raw file off the disk as bcrypt does.)

Any program that uses that algorithm properly should be secure, but you have to look at the details.

The encryption algorithms work with binary keys that must be random to ensure security. If you encrypt a file, you usually do it with a password. A password is not a secure key in that sense, so the algorithm also has to derive a binary key from the password where each bit has a probability of 0.5.

Example:
- you have a file and want to encrypt it with AES256
- AES256 needs a 256 bit random key
- you choose a strong password of 12 ascii characters

Problem:
- your password is only 12 * 8 = 96 bits long
- the most significant bit of each byte is 0, because it's ASCII
- because of that, you should not use your password as AES key directly

There are different solutions now, and they really matter. That's why I would prefer GPG: It has been around for a long time, it is well tested, and the authors are experts who know the state of the art methods to derive keys from passwords.

I have looked at 7z and they seem to use a good key derivation method, too. That was the point I was skeptical about. It could be that compression tool programmers don't care so much or are just not that well informed about state of the art techniques in the crypto community.

So basically you don't know if/what "bcrypt" does anything different than "gpg --cipher-algo BLOWFISH"?
full member
Activity: 168
Merit: 103
June 19, 2011, 04:53:10 AM
#82
I use AxCrypt and it does a very cool job, very easy.

That's what I use too, but I'd like a version for linux. Not sure if they'd ever come up with one. I guess Truecrypt is the way to go in Unix land.

No, GPG is the way to go in Unix land. GPG is installed on every proper Unix system anyway. On the other hand, Linux Distros reject including TrueCrypt into their repositories for a variety of reasons.

Why use an unsupported tool, which you also have to install and update yourself, if there is a widely well-known tool available by default, where the distributor takes care of discovered vulnerabilities and updates?
legendary
Activity: 3080
Merit: 1080
June 19, 2011, 04:39:25 AM
#81
I use AxCrypt and it does a very cool job, very easy.

That's what I use too, but I'd like a version for linux. Not sure if they'd ever come up with one. I guess Truecrypt is the way to go in Unix land.
hero member
Activity: 586
Merit: 501
June 19, 2011, 04:14:18 AM
#80
I use AxCrypt and it does a very cool job, very easy.
full member
Activity: 168
Merit: 103
June 19, 2011, 03:20:15 AM
#79

Question for GPG knowledgeable;

GPG symmetric encryption of the wallet.dat with Blowfish algo, i.e.

Code:
$gpg --cipher-algo  BLOWFISH -c wallet.dat

is how much different than just using bcrypt?

Code:
$bcrypt wallet.dat

(Besides that gpg doesn't wipe the raw file off the disk as bcrypt does.)

Any program that uses that algorithm properly should be secure, but you have to look at the details.

The encryption algorithms work with binary keys that must be random to ensure security. If you encrypt a file, you usually do it with a password. A password is not a secure key in that sense, so the algorithm also has to derive a binary key from the password where each bit has a probability of 0.5.

Example:
- you have a file and want to encrypt it with AES256
- AES256 needs a 256 bit random key
- you choose a strong password of 12 ascii characters

Problem:
- your password is only 12 * 8 = 96 bits long
- the most significant bit of each byte is 0, because it's ASCII
- because of that, you should not use your password as AES key directly

There are different solutions now, and they really matter. That's why I would prefer GPG: It has been around for a long time, it is well tested, and the authors are experts who know the state of the art methods to derive keys from passwords.

I have looked at 7z and they seem to use a good key derivation method, too. That was the point I was skeptical about. It could be that compression tool programmers don't care so much or are just not that well informed about state of the art techniques in the crypto community.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
June 18, 2011, 10:54:41 PM
#78

Question for GPG knowledgeable;

GPG symmetric encryption of the wallet.dat with Blowfish algo, i.e.

Code:
$gpg --cipher-algo  BLOWFISH -c wallet.dat

is how much different than just using bcrypt?

Code:
$bcrypt wallet.dat

(Besides that gpg doesn't wipe the raw file off the disk as bcrypt does.)
legendary
Activity: 1442
Merit: 1005
June 18, 2011, 06:34:37 PM
#77
http://content.wuala.com/contents/entropiahost/Share/bitcoinpassword.7z?dl=1

There you go. 294 bytes. Five chars alpha-lowercase and numeric password. If you successfully crack it, you can give me the password that is contained inside the textfile.
Hai guise, did anyone crack this yet? I said it would take days, you said it would take hours, so far it took days. I can make it interesting, like putting a valid wallet with some bitcents in it if that would raise your interest.

Yeah, I admit that I gave up, I didn't have enough patience.

The tool tested all 5-character-passwords and did not find any match. I didn't want to invest any more effort, the computer went hot all night.
Sorry to hear that, if the tool really tested the 5-character passwords as described and did not find "s3krt" as the password then it was either broken (in which case a cracker needs to be sure he uses the right protocol, I understood slower speeds are to be expected when bruteforcing 7zip) or it was used incorrectly. Either way, it doesn't matter as using a long password on the 7zip is a good way to secure your wallet. I say this because it's accessible (easy to use, well integrated, fast), cheap (small and open source, doesn't create files bigger than needed like Truecrypt) and secure (requires serious expenses to crack the password).
legendary
Activity: 1512
Merit: 1049
Death to enemies!
June 18, 2011, 05:30:35 PM
#76
2. TrueCrypt is source available and the format specification is well known. No need for NSA certification to be usable ;)

Why do all serious Linux distros reject TrueCrypt?
Because of the restrictions the TrueCrypt licence puts on distributing recompiled TrueCrypt versions. And Linux nerds taking licences and freedom too seriously.
full member
Activity: 168
Merit: 103
June 18, 2011, 05:18:11 PM
#75
2. TrueCrypt is source available and the format specification is well known. No need for NSA certification to be usable ;)

Why do all serious Linux distros reject TrueCrypt?
full member
Activity: 168
Merit: 103
June 18, 2011, 05:17:29 PM
#74
This discussion is moot. Thanks to the publicity, within a few days someone will create a new client that has encryption built-in. I'm quite sure of it.

It was always planned, it's just that you can't get everything finished at one time. It's not the case that the bitcoin software was released - it is more of an accident that the media attention came so early.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
June 18, 2011, 04:56:39 PM
#73
Original Poster doesn't understand that:

1. TrueCrypt and GNUPG have different goals and modes of operation. TrueCrypt is for encrypting storage, GnuPG is for encrypting e-mail.

2. TrueCrypt is source available and the format specification is well known. No need for NSA certification to be usable ;)

3. The encryption will not protect if computer is infected with malware, unless the encryption prevents you from accessing your wallet as well. It might help only if computer is stolen in powered down mode.

That crypto uncle with beard in that link does not understand what deniable encryption is for and how it operates. I bet he did not read the TrueCrypt manual and FAQ before he made his conclusion. People sometimes do such things. I myself heard about Bitcoins in 2010 and immediately refused them because I instantly associated them with such crappy software as Bitcomet, Bitlocker and Bitlord. I thought they were some PayPal or e-gold clone and most likely a scam also. I started to use them, mine them and steal them only when I read the whitepaper by Satoshi.
full member
Activity: 210
Merit: 100
June 18, 2011, 04:52:31 PM
#72
This discussion is moot. Thanks to the publicity, within a few days someone will create a new client that has encryption built-in. I'm quite sure of it.
full member
Activity: 168
Merit: 103
June 18, 2011, 04:39:39 PM
#71
http://content.wuala.com/contents/entropiahost/Share/bitcoinpassword.7z?dl=1

There you go. 294 bytes. Five chars alpha-lowercase and numeric password. If you successfully crack it, you can give me the password that is contained inside the textfile.
Hai guise, did anyone crack this yet? I said it would take days, you said it would take hours, so far it took days. I can make it interesting, like putting a valid wallet with some bitcents in it if that would raise your interest.

Yeah, I admit that I gave up, I didn't have enough patience.

The tool tested all 5-character-passwords and did not find any match. I didn't want to invest any more effort, the computer went hot all night.