Pages:
Author

Topic: How safe is to storage private keys in the cloud? (Read 6261 times)

full member
Activity: 260
Merit: 102
Here's what you do:

Download Veracrypt.
Create an ecnrypted file store.
Mount the store and put all of your private keys into that encrypted store.
Backup the encrypted file store.
newbie
Activity: 27
Merit: 0
Print your private keys on a piece of paper, put it in a sealed envelope and bury it among your personal effects with the word Imprtant written on the outside. Dont store them online. IF you ever get burgled and your paper goes missing, move your BTC to a new wallet before anyone figures out what the string is about.
newbie
Activity: 34
Merit: 0
Thanks for the feedback guys. Definitely would go with reputable and secure clouds, not just random clouds. As an information security professional who's worked with implementing security for North American Banks, I can guarantee when implementing the app, that I would follow the same security measures that banks would use, or at least we advise them to use.

As I get close to finishing the project I will share more details of the implementation and the security measures put in place.

Bank accounts and services are hacked and frauded every day. Maybe security that is in the level of North American banks isn't enough.

In a cloud storage service, someone surely will have access to your file, because if the justice request them, they can fulfill the request.  What if someone from the cloud storage service reads the key and use it to move the coins, how could you prove the service did something wrong?

Better use an online wallet if you are willing to save private keys on the cloud. Or save the keys encrypted

I appreciate the feedback, I promise my solution will address this issue. Can't give away too much just yet, but I'll let you know how that issue is addressed very soon (because I have to test it out myself, before seeming that I am talking out of my ass).  Wink
legendary
Activity: 1162
Merit: 1000
Thanks for the feedback guys. Definitely would go with reputable and secure clouds, not just random clouds. As an information security professional who's worked with implementing security for North American Banks, I can guarantee when implementing the app, that I would follow the same security measures that banks would use, or at least we advise them to use.

As I get close to finishing the project I will share more details of the implementation and the security measures put in place.

Bank accounts and services are hacked and frauded every day. Maybe security that is in the level of North American banks isn't enough.

In a cloud storage service, someone surely will have access to your file, because if the justice request them, they can fulfill the request.  What if someone from the cloud storage service reads the key and use it to move the coins, how could you prove the service did something wrong?

Better use an online wallet if you are willing to save private keys on the cloud. Or save the keys encrypted
newbie
Activity: 34
Merit: 0
Thanks for the feedback guys. Definitely would go with reputable and secure clouds, not just random clouds. As an information security professional who's worked with implementing security for North American Banks, I can guarantee when implementing the app, that I would follow the same security measures that banks would use, or at least we advise them to use.

As I get close to finishing the project I will share more details of the implementation and the security measures put in place.
legendary
Activity: 1372
Merit: 1005
Store private keys in the cloud? Um, this is a very bad idea. I mean if you know what you are doing then it could work, but not recommended generally speaking.

Cloud is also secured in some how. That concern site should be loyal full site Dropbox or one drive else you cannot be able to go with the cloud for security concerns. If you are worry about private key should not be shared means you should not use the any online wallet   first because it been shared with the online wallet provider only.
sr. member
Activity: 387
Merit: 250
Presale is live!
Store private keys in the cloud? Um, this is a very bad idea. I mean if you know what you are doing then it could work, but not recommended generally speaking.
newbie
Activity: 34
Merit: 0
Hey guys,

Some of you might brush me off because of my newbie status on the forums. I've just got into crypto less than 6months ago, but I have a legit solution that I am thinking about building myself.

I am an iOS and Android developer, have my own startup (in Canada) and have a CISSP (so I know a lot about security, and was involved in identifying security holes for some North American Financial Institutions before my startup). I've been developing apps for the past 5 years, and have been a programmer for just over 15 years.

I have an idea that may help secure our private keys through a decentralized cloud storage. This would solve the problem of one cloud being hacked, as you would need all other cloud services being hacked as well (in and around the same time). Before I start developing the solution (thinking start in 2 weeks), I'm trying to gauge the interest of the crypto community.

Let me know what you guys think. Positive criticism is always welcome, but you can keep unjustified negativity to yourself. Thanks in advance.
legendary
Activity: 1736
Merit: 1006
It's a good idea to store your private keys in the cloud, even though you camouflage the file as something normal like shopping for photos on the keys and hiding the photo in a large folder of holiday photos. Your recent or something
 I think if you maintain the proper security for your cloud storage account using passwords and it is difficult to compromise with whatever you are hosting there will be safe.
 If you think that if you save a private key with Google Drive and if you think Google itself may see your private key, it is wrong.

Keep in mind that google drives will close their services for next year, I think the services of all cloud services are safe, but in the end they will become very commercially fast, I do not trust the cloud because many cases are happening due to the influence of various conditions. I'd better backup data manually and more than one device.

google drive isnt closing, they are getting rid of the windows app that automatically backs up your files.
sr. member
Activity: 1680
Merit: 263
It's a good idea to store your private keys in the cloud, even though you camouflage the file as something normal like shopping for photos on the keys and hiding the photo in a large folder of holiday photos. Your recent or something
 I think if you maintain the proper security for your cloud storage account using passwords and it is difficult to compromise with whatever you are hosting there will be safe.
 If you think that if you save a private key with Google Drive and if you think Google itself may see your private key, it is wrong.

Keep in mind that google drives will close their services for next year, I think the services of all cloud services are safe, but in the end they will become very commercially fast, I do not trust the cloud because many cases are happening due to the influence of various conditions. I'd better backup data manually and more than one device.
newbie
Activity: 38
Merit: 0
It's a good idea to store your private keys in the cloud, even though you camouflage the file as something normal like shopping for photos on the keys and hiding the photo in a large folder of holiday photos. Your recent or something
 I think if you maintain the proper security for your cloud storage account using passwords and it is difficult to compromise with whatever you are hosting there will be safe.
 If you think that if you save a private key with Google Drive and if you think Google itself may see your private key, it is wrong.
hero member
Activity: 2590
Merit: 644
I think a person hacking your cloud is smart enough to find what to do with your keys. I prefer to save it in many pieces of paper and save them in safe places.
That is what i did in my private keys in my wallets of bitcoin. I put it on a piece of paper and i put it on a very safe place so i can have a comfortable life because i don't trust online storage sites like cloud storage because they have still chance to get hacked and if i will put the important files there then it is game over for me.
full member
Activity: 150
Merit: 100
I think a person hacking your cloud is smart enough to find what to do with your keys. I prefer to save it in many pieces of paper and save them in safe places.
legendary
Activity: 1736
Merit: 1006
i think it is perfectly safe to store your private keys in a cloud like google drive as long as
1, the key is encrypted.
2, the keys are stored in a RAR file with a password not the same as the encryption password.
3, the google account has 2fa enabled and a unique email address specific for storing the keys.


but always keep a hard copy. no way to know if google drive will stop working someday.
legendary
Activity: 1148
Merit: 1048
Can someone know where a private key belongs once a person have found it?

Let's say a private key copy is stored in the cloud and is found for a bad person; is it possible for that person to know where to use that private key?

Yes assuming they figure out what the point of the code is when converted then someone could easily gain the private key and use it.
If its just random noise maybe not but offline storage is best.

if the key is evident, it is not safe. you can only steal something that is there.

that being said, storing keys in the cloud, or any sensitive information for that matter, is an inherently bad idea. the storage is centralized; if the database is compromised, your data is compromised along with it.

there is one caveat, however, and that is encryption. if you encrypt the data yourself, you can make it unusable to anyone that doesnt have the key to it as well. note, you wont be able to stop them from getting the file, but you can stop them from accessing the file. with bitcoin, the access is more vital (there are locked wallets right now with untold fortunes). you should be practicing encryption as part of any robust cyber security scheme already Wink

newbie
Activity: 6
Merit: 0
For me there is nothing safe
legendary
Activity: 1806
Merit: 1090
Learning the troll avoidance button :)
Can someone know where a private key belongs once a person have found it?

Let's say a private key copy is stored in the cloud and is found for a bad person; is it possible for that person to know where to use that private key?

Yes assuming they figure out what the point of the code is when converted then someone could easily gain the private key and use it.
If its just random noise maybe not but offline storage is best.
legendary
Activity: 1652
Merit: 1057
I am not fully believe to store private keys in cloud storage, all our secrets will open if the emails we've been penetrated by hackers,
I consider the cloud is not a safe way because it still has a gap to be consumed together.
I don’t prefer and trust the private keys to be stored in to the cloud. I think it is like the involvement of something which is more at risk anytime. We are surrounded by many hackers and this is something that makes quite uncomfortable to think of it. I am more interested in keeping all my stuff in a PC or on my android app which is quite easy for me to access anytime I want and is safer.
hero member
Activity: 2590
Merit: 644
I think it is not safe to save your private keys in the cloud or online because it is too risky because there is no safe place in the internet and everything can be bypassed by the professional hackers. So if i were you i will just save the private keys in a offline device like usb and keep it on a safe place and i will also do a back up by having a copy on paper.
newbie
Activity: 42
Merit: 0
I think! private key do not share at all of time if it had BTC!
Few know the probability of losing will be less
Pages:
Jump to: