Is it safe to re-use a paper wallet BTC address after spending it all?

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: Kouye on August 20, 2013, 08:06:27 AM

Quote from: DannyHamilton on August 20, 2013, 12:58:41 AM

While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.

As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.

Forgive the intrusion, but I'm curious, Danny. Do you really discard the private keys once you cleared the unspent output, as you state on your BTC trading post? Or do you keep them in archive wallets "just in case"?

It is safest to assume that I discard them regardless of what I actually do. No harm at all can come from accepting that I discard them.

Kouye

sr. member

Activity: 336

Merit: 250

Cuddling, censored, unicorn-shaped troll.

Quote from: DannyHamilton on August 20, 2013, 12:58:41 AM

While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.

As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.

Forgive the intrusion, but I'm curious, Danny. Do you really discard the private keys once you cleared the unspent output, as you state on your BTC trading post? Or do you keep them in archive wallets "just in case"?

colinistheman

hero member

Activity: 907

Merit: 1003

Quote from: DannyHamilton on August 20, 2013, 12:58:41 AM

Quote from: jackjack on August 19, 2013, 05:24:04 AM

Quote from: Valle on August 18, 2013, 10:53:26 PM

When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.

Congratulations for posting the only technical post.
ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target.

While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.

As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.

Awesome. Another great technical reason. This is exactly what I need to hear. I feel like i actaully understand the benefits of not re-using a key now. Thank you everyone

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: jackjack on August 19, 2013, 05:24:04 AM

Quote from: Valle on August 18, 2013, 10:53:26 PM

When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.

Congratulations for posting the only technical post.
ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target.

While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.

As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: Dabs on August 19, 2013, 12:23:45 AM

Notice that satoshi dice uses the same address over and over. As do many other block chain based games. Most vanity addresses are reused. Some mining pools reuse the same address for sending your mining income, directly or indirectly. Donation addresses are usually reused.

The fact that others make poor decisions isn't evidence that the decisions aren't poor.

colinistheman

hero member

Activity: 907

Merit: 1003

Quote from: Valle on August 18, 2013, 10:53:26 PM

When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.

Thank you for the explanation!

jackjack

legendary

Activity: 1176

Merit: 1280

May Bitcoin be touched by his Noodly Appendage

Quote from: Valle on August 18, 2013, 10:53:26 PM

When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.

Congratulations for posting the only technical post.
ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target.

Dabs

legendary

Activity: 3416

Merit: 1912

The Concierge of Crypto

Notice that satoshi dice uses the same address over and over. As do many other block chain based games. Most vanity addresses are reused. Some mining pools reuse the same address for sending your mining income, directly or indirectly. Donation addresses are usually reused.

Valle

full member

Activity: 177

Merit: 101

When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.

Valle

full member

Activity: 177

Merit: 101

Flawed RNG == random number generator what returns only one number every time. Happened once in the history on a dumb hardware wallet.

grue

legendary

Activity: 2058

Merit: 1452

Quote from: colinistheman on August 18, 2013, 08:49:51 PM

Quote from: 2_Thumbs_Up on August 18, 2013, 04:42:42 PM

Well, re-using keys makes you vulnerable to flawed RNGs.

What are RNGs?

random number generators. see: the recent issue with android based wallets.

colinistheman

hero member

Activity: 907

Merit: 1003

Quote from: 2_Thumbs_Up on August 18, 2013, 04:42:42 PM

Well, re-using keys makes you vulnerable to flawed RNGs.

What are RNGs?

2_Thumbs_Up

sr. member

Activity: 323

Merit: 251

Well, re-using keys makes you vulnerable to flawed RNGs.

colinistheman

hero member

Activity: 907

Merit: 1003

Quote from: nameface on August 18, 2013, 12:39:30 PM

You will relate future transactions to previous transactions by reusing your public key. The effect is diminished anonymity, it's not really a security concern.

Thanks for the answer. Yes, however I suppose it could be if the place where I used my private key ever got hacked or leaked it based on Birdy's answer.

Looks like it's generating new keys for me.

colinistheman

hero member

Activity: 907

Merit: 1003

Quote from: Birdy on August 18, 2013, 12:54:49 PM

You had to import the private key somewhere to spend the Bitcoins from the paper wallet, so it's as secure as the place you've used it on.

Ah, that's a good point. Thanks

Quote from: superduh on August 18, 2013, 12:55:13 PM

this should be a technical answer as opposed to the o so common paranoia

Yes, I'm looking for the technical reasons. I just want to fully understand how it works so I can truly make the best decision for myself.

superduh

hero member

Activity: 602

Merit: 500

this should be a technical answer as opposed to the o so common paranoia

Birdy

sr. member

Activity: 364

Merit: 250

Quote from: colinistheman on August 18, 2013, 11:26:11 AM

Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.

Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?

You had to import the private key somewhere to spend the Bitcoins from the paper wallet, so it's as secure as the place you've used it on.

nameface

sr. member

Activity: 406

Merit: 250

You will relate future transactions to previous transactions by reusing your public key. The effect is diminished anonymity, it's not really a security concern.

shawshankinmate37927

hero member

Activity: 854

Merit: 1000

Bitcoin: The People's Bailout

Quote from: colinistheman on August 18, 2013, 11:26:11 AM

Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.

Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?

Why not generate a new paper wallet, just in case?

colinistheman

hero member

Activity: 907

Merit: 1003

Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.

Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?

Topic: Is it safe to re-use a paper wallet BTC address after spending it all? (Read 3438 times)