Author

Topic: Isn't a paper wallet less safe/secure than an encrypted wallet on flash drive? (Read 4143 times)

legendary
Activity: 1512
Merit: 1036
You can have many paper wallet copies of your private key that can't be stolen from you

ciphertext:

50 shades of gray, hardcover, first edition


Brainwallet = decoding method

start at N pages from front of book
start up M from bottom of page
start in O characters from start of line
retrieve P characters from each page
skip forward in Q page steps
until you have characters from R pages total

SHA256 hash the retrieved characters S times = private key

Replace the Ns with numbers significant to you; even if all the numbers are all "2", just the method obfuscates it beyond retrieval. Something I have (but many have) + something I know.

Nash would enjoy finding the bitcoins sent to spies encoded in the New York Times.

I do not use this method, but if I had a completely different method I actually use, I wouldn't tell you.
legendary
Activity: 1135
Merit: 1166
 

Piper can print encrypted paper wallets that you can also back up onto a flash drive.  So you can have the best of both worlds!

I don't know about Piper, but personally I've also done both.  The private key on my paper wallet is still encrypted, though, to be safe against someone stealing the paper (although it is in a safety deposit box), and the electronic copies (in two locations) are encrypted with multiple layers (wallet encryption from bitcoind, PGP encryption to a symmetric key / passphrase and LUKS for the storage medium).  I hope my coins are secure that way, and honestly the most worries I have are that I somehow screwed up saving the key or some decryption doesn't work or so, more than someone getting the private key and stealing my coins.  (But I tried hard to be sure everything is fine.)
hero member
Activity: 518
Merit: 500
This is an example of a private key, written in hexadecimal
E9 87 3D 79 C6 D8 7D C0 FB 6A 57 78 63 33 89 F4 45 32 13 30 3D A6 1F 20 BD 67 FC 23 3A A3 32 62

And here is the same private key, written in Base 58 Wallet Import format
5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

Either could be punctuated in various ways to make the purpose less obvious

E9 87 3D 79
C6 D8 7D
C0 FB 6A
57 78 63 33 89
F4 45 32
13 30 3D A6
1F 20 BD 67 FC
23 3A A3 32 62

5Kb8kL
f9z
gWQnogid
DA76
MzPL6T
sZZY
36h
WXMss
SzNyd
YXYB9KF

These, printed on paper on a page of uninteresting text, might be more secure than an ornate banknote type design, that contains a scannable QR code and the word "Bitcoin".



any kind of traditional conversation to another format seems weak because anyone could figure that out.   Once bitcoin becomes more popular, you are screwed there.   Or if they physically seize the paper wallet, then you won't have it either. 

It seems like encrypting to some microsd cards as well as uploading to the cloud in various places would be good.  Although of course if the NSA sees any encrypted files in your cloud storage, they will probably just assume you are a terrorist and summarily execute you...because that's how they roll.
sr. member
Activity: 352
Merit: 250
 

Piper can print encrypted paper wallets that you can also back up onto a flash drive.  So you can have the best of both worlds!

Hahaha
vip
Activity: 756
Merit: 503
Good idea, could even write it like this:

site1.com: 5Kb8kL
site2.com: f9zgWQnogid
site3.com: DA76MzPL6T
site4.com: sZZY36h
site5.com: WXMssSzNyd
site6.com: YXYB9KF
legendary
Activity: 905
Merit: 1000
This is an example of a private key, written in hexadecimal
E9 87 3D 79 C6 D8 7D C0 FB 6A 57 78 63 33 89 F4 45 32 13 30 3D A6 1F 20 BD 67 FC 23 3A A3 32 62

And here is the same private key, written in Base 58 Wallet Import format
5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

Either could be punctuated in various ways to make the purpose less obvious

E9 87 3D 79
C6 D8 7D
C0 FB 6A
57 78 63 33 89
F4 45 32
13 30 3D A6
1F 20 BD 67 FC
23 3A A3 32 62

5Kb8kL
f9z
gWQnogid
DA76
MzPL6T
sZZY
36h
WXMss
SzNyd
YXYB9KF

These, printed on paper on a page of uninteresting text, might be more secure than an ornate banknote type design, that contains a scannable QR code and the word "Bitcoin".

sr. member
Activity: 392
Merit: 250
you could hide that on an empty cerial box and nobody would ever know what it is

That may work, but I'd always be afraid someone would find the box and think it was trash and consequently throw it away Shocked

and thats exactly why i went on to my second point, putting it on something that nobody else would want to touch...like your vaseline, jock itch cream, or your mom
sr. member
Activity: 308
Merit: 250
Encrypt private key with some random encryption algorithms/ciphers and get it tattooed on your body somewhere.

Your private key will stay with you forever.

However if you are some criminal etc, police will find it,but you can still try to use your mind and hide it properly.

http://crypo.in.ua/
http://www.crypo.com/
http://www.crypo.net/
legendary
Activity: 1078
Merit: 1003
you could hide that on an empty cerial box and nobody would ever know what it is

That may work, but I'd always be afraid someone would find the box and think it was trash and consequently throw it away Shocked
sr. member
Activity: 392
Merit: 250
You can further reinforce a paper wallet by protecting it with other materials (such as those that are fire rated).
 
I love the barcode idea with ISBN.. you could hide that on an empty cerial box and nobody would ever know what it is, or on a product nobody wants to touch.. like a can of jock itch cream  Cheesy
full member
Activity: 219
Merit: 101
 

Piper can print encrypted paper wallets that you can also back up onto a flash drive.  So you can have the best of both worlds!
legendary
Activity: 1442
Merit: 1005
Both can get:
- stolen
- broken
- lost
- misplaced
- burnt
- copied

Paper wallet can get:
- wiped out due to crappy ink or light (laminate or fold them)
- decoded directly by an adversary

Flash drive can get:
- hardware obsolete or incompatible (5.25 or even 3.5 floppies anyone?)(remember spindle magnetic platter hard drives anyone?!)
- software obsolete or incompatible (think future bitcoin clients)
- impossible to open due to password forgotten (happens very often)
- wiped out due to software/hardware/time

Why would you store a sensitive piece of information on a very complex, untested and fragile technological device, when a simpler and more reliable method exists?
hero member
Activity: 518
Merit: 500
Only the private key is needed to spend the bitcoin! The address is used to deposit and verify the balance.

Ok thank you for the clarification there. You can see I'm still learning with much of this, and that's a rookie mistake.
vip
Activity: 756
Merit: 503
I guess you could hide the paper wallet private key separately from the BTC address....
Only the private key is needed to spend the bitcoin! The address is used to deposit and verify the balance.

2 of 3 paper wallet will add even more security when developed: https://bitcointalksearch.org/topic/2-of-3-paper-wallets-139625

Paper is the safest option imo.
legendary
Activity: 905
Merit: 1000
Paper appears to be one of the reasonable options.

Backing up your wallet is the key point.
hero member
Activity: 518
Merit: 500
yes but if it is on a shelf, then it could burn up in a fire.  And still could be seized easily.  I guess if you want to go that route, you should multiple backups and you have to come up with your own personal encryption method.

But that's why I say flash drive is better.  Yes it may not last for hundreds of years, but it doesn't need to...probably a lifetime at most and most likely a lot less than that.  If you have it encrypted, you could put it on multiple ones for low cost...or just a cheap 1GB microsd card. you can probably order 10 of those on ebay for $10 or so..if not less.

Well I'm just thinking outloud but the paper wallet thing just doesn't seem great to me after giving it more thought.  The downside with the encrypted wallet is that you have to remember the password and in case of brain damage or death, you won't have it.  So you still have to hide that somehow.
legendary
Activity: 905
Merit: 1000
Paper documents have lasted at least for centuries https://en.wikipedia.org/wiki/Missal_of_Silos , if protected from fire and water.  Modern papers are even more resistant to decomposition than they used to be.  A paper wallet does not necessarily need to have the words "Bitcoin Wallet" printed on it.  For example, I could download a large text file, insert some Bitcoin info into it (perhaps on the ISBN page) and print it.  

 

In a binder, on a shelf, it would not attract attention.  There are many other possibilities.  Printed QR codes https://en.wikipedia.org/wiki/QR_code can also be obfuscated so that they are not readily associated with Bitcoins, but would still be scan-able.

Flash drives are said to have a much shorter lifespan, and an inquisitive person (Investigator) could reasonably conclude that files on it are important, and potentially valuable.  It could easily attract attention.  Flash drives can become infected or corrupted.

Disclaimer:  I back up wallet data to flash drives.
hero member
Activity: 518
Merit: 500
People talk about paper wallets a lot and "cold storage" but it seems like it would be safer to have an encrypted electronic wallet, copied to multiple flash/drives computers.   I'm talking about professional grade encryption like PGP or truecrypt.

But it seems like a paper wallet could be seized just about as easily as your fiat in a bank account.  Unless you hide the paper wallet somewhere like burying it in the wilderness, but you could do the same with fiat cash and that is a lot more stable of a currency than BTC.

I guess you could hide the paper wallet private key separately from the BTC address....maybe that would work but seems like putting the encrypted wallet on a few flash drives and hiding them would be better.  Then even if someone found it (which would not happen if you hid it well enough), then they couldn't even use it, not matter what.

Well please tell me if I'm missing something here...thanks.
Jump to: