Pages:
Author

Topic: [IDEA] Casascius physical Bitrings (Read 3665 times)

rjk
sr. member
Activity: 448
Merit: 250
1ngldh
May 11, 2012, 10:32:24 AM
#22
I would like a USB enabled ring with both Yubikey and encrypted wallet.dat storage capabilities. Go.
Although I can't quite provide what you are looking for, have a peek at what Yubico just recently released. It is called the Yubikey Nano, and it is very awesome: http://www.yubico.com/yubikey-nano
$40 bucks each though.  Undecided
donator
Activity: 1419
Merit: 1015
May 11, 2012, 10:14:28 AM
#21
I would like a USB enabled ring with both Yubikey and encrypted wallet.dat storage capabilities. Go.
hero member
Activity: 742
Merit: 500
May 11, 2012, 10:05:29 AM
#20
So here's what I ended up doing for my wearable paper wallet - dog tags.

Dog tags are durable (made of steel), cheap (a set of 2 with chain and silencers cost me $9), and hold a lot of text (5 lines of 14 characters each per tag and it's customary to wear two).

The major downside? Most of the places that emboss dog tags don't allow lowercase letters so I couldn't use base58, I had to default downward to base32. Luckily, base32 is a recognized standard (unlike base58 which we more or less made up for Bitcoin) so if you want to do fancier things than me there are pre-existing libs for it. Also, since each character of b32 is worth 5 bits of entropy we only need 160/5=32 digits for entropy to be >= the amount of entropy in a Bitcoin address or about 24 digits to match the entropy in one of Casascius' mini private keys.

Now if you're super paranoid you could just put half of your key on one tag and half on another and have them engraved by separate companies but I opted for a different (and I think more clever) approach. Since each tag can hold up to 5 lines of text, I generated some random 40-bit (8 character) base32 and labeled my tags thusly:

Tag 1:
0 RNESQS5Y
1 KI3QGVP3
2 IY4EZIIH
3 OYHBET4C
4 CLMAD264

Tag 2:
5 QEPOOXFJ
6 JRIIEL2K
7 VAIV5HU4
8 I2H4ZGP5
9 C6NPVY3Y

(note: not my actual key values, I'm not that dumb...)

Now I just need to remember any number with at least 3 (preferably 4+) digits and use the tags as a lookup device. If my pin were 1286, for example, I'd look up the values for those numbers on my tag and come up with a key of KI3QGVP3IY4EZIIHI2H4ZGP5JRIIEL2K. I can enter this value into something like Casascius' BitcoinAddress utility and generate an address (or even a whole deterministic wallet) just like it were a valid mini private key from one of his coins. I could also add another bit of entropy by varying whether I enter the b32 values above in upper or lowercase characters and could even "salt" the values with a simple/descriptive passphrase.

IMO this is the best combination of a physical wallet and a mental wallet since it requires both a physical device and a value known only to me to recreate any given wallet. It also allows me to store an effectively limitless number of privkeys on my person (limited only by however many PINs or salt passwords I can memorize).

For the truly insane, most embossers do support a small number of special characters - hyphens, colons etc. so it's possible to extend base32 as you see fit, and I'm sure if you hunt you can find someone that will emboss mixed case letters, but for cheapness and simplicity base32 just works. It also has the advantage of representing a number of bits that 160 is divisible by, so Bitcoin-related entropy math is very easy.

Any thoughts?
hero member
Activity: 742
Merit: 500
May 02, 2012, 09:31:27 PM
#19
Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.

If one did more than 30 characters for a private key, the additional characters ought to contribute to some sort of forward error correction scheme (e.g. Reed-Solomon codes), so that the key can be recovered with any substantial fraction of the message.

Not a bad idea. Perhaps that'd be a better use of the extra space in my wacky sliding nested ring thing up there than storing multiple keys. I'd trust you to come up with the scheme for that better than I'd trust myself, you tell us?
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
May 02, 2012, 09:24:22 PM
#18
Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.

If one did more than 30 characters for a private key, the additional characters ought to contribute to some sort of forward error correction scheme (e.g. Reed-Solomon codes), so that the key can be recovered with any substantial fraction of the message.
hero member
Activity: 742
Merit: 500
May 02, 2012, 09:18:02 PM
#17
This ring seems almost custom-made to hide a privkey. If you use the mini privkey format you could actually keep up to 4 on it, though 1 would be visible to the outside world, so in practice only 3. The engraving fields aren't long enough to hold an entire address, though you could definitely fit the firstbits on there. Assuming the firstbits for all 3 addresses are <= 7 characters long you could fit the firstbits for all 3 addresses on the inside of the ring and the firstbits on the outside. 3 complete privkeys and everything you need to make payments to them all on one ring. Snazzy.

hero member
Activity: 784
Merit: 1010
Bitcoin Mayor of Las Vegas
May 02, 2012, 08:51:26 PM
#16
Stamp the private key on a tungsten chip and embed it inside a gold coin. The only way to retrieve the key would be to melt it down to retrieve the chip.
hero member
Activity: 742
Merit: 500
May 02, 2012, 08:50:53 PM
#15
Wearable Password Card anybody?
donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
May 02, 2012, 08:45:25 PM
#14
You could even just make it a cipher reminder for a brain wallet. The enigmatic writing can be on the outside and/or inside the ring.
hero member
Activity: 742
Merit: 500
May 02, 2012, 07:51:48 PM
#13
Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.
full member
Activity: 189
Merit: 100
May 01, 2012, 08:46:36 AM
#12
I also found this interesting: https://bitcointalksearch.org/topic/korean-11267
full member
Activity: 189
Merit: 100
April 28, 2012, 12:08:11 AM
#11
You could use a secret alphabet, or glyph set that allows higher base than 58. Or use Chinese characters, some dictionaries assign a number to each character (some have over 40000). Or use the Kanji SKIP system for steganography (Due to the redundancy, you could create a meaningful sentence that you could decode to a private key).
hero member
Activity: 504
Merit: 500
April 27, 2012, 10:06:42 PM
#10
If they are wedding rings, half a private key on each of the pair...
I love it but I dont think my fiance would go for it.

I like the idea but it all depends on the ring design. Might be better off getting a plain ring and having the jeweler in grave it with a private key.(thats a security risk there too having the jeweler engrave it.)

Decentralise the engraving, use N jewellers and have each jeweller only know part of the key :p

...

Imagine the treasure hunt in 150 years for hidden private keys after the block rewards reach 0... Don't publicise that you got buried with bitcoins lol (not to self, buriedwithbitcoins.com)
REF
hero member
Activity: 529
Merit: 500
April 27, 2012, 09:57:45 PM
#9
If they are wedding rings, half a private key on each of the pair...
I love it but I dont think my fiance would go for it. she said she would go for it.

I like the idea but it all depends on the ring design. Might be better off getting a plain/any ring and having the jeweler in grave it with a private key.(thats a security risk there too having the jeweler engrave it.)
donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
hero member
Activity: 504
Merit: 500
April 27, 2012, 09:10:52 PM
#7
If they are wedding rings, half a private key on each of the pair...
donator
Activity: 1464
Merit: 1047
I outlived my lifetime membership:)
April 27, 2012, 09:00:45 PM
#6
Fantastic idea. You could put some of the private key on the outside and some on the inside without any real security risk.
legendary
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
April 26, 2012, 06:28:09 PM
#5
I'd love a ring like this... and in fact the private key needn't be that hidden at all. I'd be happy if the private key was engraved on the inside band. Thus if the ring was stolen, the funds would be also (but this is true of all nice rings, no?).  Would also need to be real silver - I'd want something classy Wink
donator
Activity: 2058
Merit: 1054
April 26, 2012, 03:16:54 PM
#4
I have a 10 BTC silver coin I bought from him, that I've slowly moves around ~200 BTC

I'd love to be able to put them on a ring and then be able to wear my investment!
I guess your coin should be easier to wear as a pendant than as a ring.

Find out how many characters a regular jeweler can engrave inside the ring. It might be enough for a mini-privkey format already.
Good point, from a quick search it looks like at least 30 characters are not a problem at all, so for the most basic usage we don't need to wait for anyone to offer this as a specific product. But I wonder if some provision needs to be made to make stealing the key a bit harder.
legendary
Activity: 1078
Merit: 1000
Charlie 'Van Bitcoin' Shrem
April 26, 2012, 03:13:26 PM
#3
I have a 10 BTC silver coin I bought from him, that I've slowly moves around ~200 BTC

I'd love to be able to put them on a ring and then be able to wear my investment!
Pages:
Jump to: