Topic: How secure is this? (Read 1063 times)
thanks for all the replies I have forgotton this idea and used my friends engraving machine and done it myself. only problem is it isn't a laser machine so doesn't look as good
You could make a BIP 38 keypair. A passphrase protected private key.
https://en.bitcoin.it/wiki/BIP_0038
https://en.bitcoin.it/wiki/BIP_0038
You can use gpg,
gpg --armor --symmetric --cipher-algo AES256 file_with_private_key
That encrypts your private key with a passphrase you give it (file_with_private_key.asc). The armor option makes it output in ascii (you end thus up with printable characters). You can give that output without worries to an engraver (be sure though to have a completely randomized password at least 20 characters long!)
Decrypt with:
gpg -o filename -d file_with_private_key.asc
Of course you might want to engrave the passphrase with a different engraver,
gpg --armor --symmetric --cipher-algo AES256 file_with_private_key
That encrypts your private key with a passphrase you give it (file_with_private_key.asc). The armor option makes it output in ascii (you end thus up with printable characters). You can give that output without worries to an engraver (be sure though to have a completely randomized password at least 20 characters long!)
Decrypt with:
gpg -o filename -d file_with_private_key.asc
Of course you might want to engrave the passphrase with a different engraver,
So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Yes, absolutely. So forget it
The approach that I use for encrypting is PGP/GPG and then turn the encrypted private key into a QR code (which you could safely get engraved assuming your PGP/GPG password is secure).
How do you encrypt it though?
https://bitcointalksearch.org/topic/m.3173226
I'd generate a random 256 bit number, perform an XOR between the random 256 bit number and the bitcoin address, then encode both the random number and the result of the XOR in something like base58. Next I'd have two different engravers engrave two separate items, each engraving one of the two encoded strings.
To redeem, you'd perform a bitwise XOR between the values represented on the two engraved items, and import the result as a private key.
In reality, this is all more effort and risk than I'd prefer. I wouldn't use an engraver at all, and would find some other method of long term storage that doesn't require me to reveal my address or encoded private key to another person. If you've got your mind set on involving untrusted people to assist, then I'd want to introduce a significant amount of unpredictable modification to the value that you are sharing.
To redeem, you'd perform a bitwise XOR between the values represented on the two engraved items, and import the result as a private key.
In reality, this is all more effort and risk than I'd prefer. I wouldn't use an engraver at all, and would find some other method of long term storage that doesn't require me to reveal my address or encoded private key to another person. If you've got your mind set on involving untrusted people to assist, then I'd want to introduce a significant amount of unpredictable modification to the value that you are sharing.
How do you encrypt it though?
But then the last engraver will know it all lol. Anyway I am going to change it a bit. Thankyou
The last engraver would only know the last part of the private key (i.e. you'd end up with 2 or 3 separate engravings for your private key).
Although not as good as an encrypted private key provided that the engravers aren't ever likely to be able to collude you should be fine (using engravers from different cities or better yet different countries would vastly reduce any chance of collusion).
But then the last engraver will know it all lol. Anyway I am going to change it a bit. Thankyou
Yes maybe I might do that. Thank you
If you're not going to encrypt then why not at least divide the private key into (2 or 3) parts and get them engraved separately (each at a different engraver)?
You've posted this question in multiple places. I've already answered it in your other post:
https://bitcointalksearch.org/topic/m.3172909
https://bitcointalksearch.org/topic/m.3172909
If the engraver is aware of your obfuscation system, then there is a significant risk (perhaps they are reading this forum right now?)
Even if they aren't aware, there is a bit of a risk that they could decide to run a program that iterates over various combinations of substitution. I haven't done the math, but you are essentially changing only 9 bits of information in an otherwise known 256 bit number.
Even if they aren't aware, there is a bit of a risk that they could decide to run a program that iterates over various combinations of substitution. I haven't done the math, but you are essentially changing only 9 bits of information in an otherwise known 256 bit number.
I want to get a piece of metal engraved with my public address and private key. Basically my public address will be shown and the private key will be fully written yet have some characters capitalised/ decapitalised and some numbers that are slightly different.
In toltal for one full private key generated from bitaddress.org the private key was changed by capitalising 3 letters, decapitalising 2 and changing 1 of the numbers.
So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Thanks
In toltal for one full private key generated from bitaddress.org the private key was changed by capitalising 3 letters, decapitalising 2 and changing 1 of the numbers.
So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Thanks
Jump to: