
Topic: Making a brain wallet "cheat sheet" - page 2. (Read 3371 times)

legendary
Activity: 1072
Merit: 1181
August 05, 2012, 05:52:33 AM
#7
I believe in almost all places of the world, volcanoes/earthquakes/other tectonic activity rarely cause changes of more than centimeters per year.

Also, you don't need perfect accuracy; you can still have the system attempt coordinates in an area wider and wider around the chosen location. Using a coordinate with accuracy 1m, and using areas of 30m in size seems quite reasonable, and requires only trying 1000 coordinates.

Seems like a nice idea, using this as entropy.
sr. member
Activity: 354
Merit: 250
August 05, 2012, 04:45:31 AM
#6
Hm, I don't know that much about GPS, but if you say it stays constant over time I'll take your word for it.

That sounds like a good idea, but you would have to use a very low level of precision to ensure it stays constant.  Otherwise, you risk losing track of that area through earthquakes, landslides, and redevelopment.  I wouldn't feel comfortable getting much more precise than the city the event took place in.  It would be difficult to figure out exactly what part of the new commercial development used to be the park where you were bitten.

This would be good for a retirement account, since it would be a lot of trouble to dig up this info on a more regular basis.  It would certainly be hard to brute force though.
legendary
Activity: 1708
Merit: 1066
August 05, 2012, 03:41:32 AM
#5
You could use the GPS coordinates of somewhere memorable (eg where you had your first kiss)

You will almost certainly forget the coordinates but can look them up, or actually go there again with a GPS sensor. You would need to remember the level of accuracy and map coordinate system for it to be repeatable.

So the question might be:

Where were you bitten by a dog when you were seven? (lat, long in degrees to 0.01 degrees)
sr. member
Activity: 354
Merit: 250
August 05, 2012, 02:13:32 AM
#4
cbeast - Could you expand on that?  I'm not sure I understand.  Does it involve hypnosis or dream hacking?  :P

CIYAM Pty. Ltd. - Yeah, that's a good idea.  I had the same thought.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
August 05, 2012, 02:04:51 AM
#3
I would advise that at the very least some of your "answers" (assuming each one is a part of the pass phrase) should include numerical characters and also other characters (such as - $ @ &).

The following might give you some ideas:

Q. Birth date of someone important:
A. 1779-03-14

Q. Price paid for your first bitcoin:
A. $5.55

Q. An obvious equation:
A. 1+1=10

Q. Gave you a nudge:
A. ;)

Q. Long live:
A. Rock&Roll

Q. Full Metal Jacket:
A. *****

Pass phrase: 1779-03-14$5.551+1=10;)Rock&Roll*****
donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
August 05, 2012, 01:51:00 AM
#2
I'm eventually planning a website with many many brain wallet tools. You have a good idea. I have many ideas also. One of the things I'm working on is accessing your brain in different states of consciousness to defeat chemical and physical coercion.
sr. member
Activity: 354
Merit: 250
August 05, 2012, 01:23:58 AM
#1
To my understanding, using a hashed string as a brain wallet carries with it the following risks:

1. The passphrase might be forgotten.
2. The passphrase might be randomly brute-forced by an attacker performing something like a dictionary attack on hashed strings.
--2.5  There could be an unintentional collision with someone who happens to use the same passphrase.
3. The passphrase might be stolen/phished/whatever.
4.  Some combination of 3 and 2.  Part of the passphrase is stolen, and the rest is discovered through brute force.

(1) is a big concern for me.  I intend to keep some savings in bitcoin for a long time, and it's very likely that I will forget the key if it is too difficult to remember.

My idea is to make a list of personal questions, and have the answers be my passphrase.  I understand that because of (2) doing so is magnitudes less secure than using a randomly generated passphrase, but using a random phrase would make (1) likely.  I wanted to have the key based on facts that will remain relatively significant to me throughout my life.

The list will be semi-secret.  I'm not going to show it in public, but I won't worry about keeping copies in several different places, online and offline.

My thinking is that in order to access my BTC, the attacker would either have to know me very well or invest considerable resources researching me.  With a sufficiently long list, (2) is less likely, albeit still a possibility.  I was thinking at least fifteen questions.

There's a small risk that the attacker will indeed know me well.  I need to think of some questions that I'll always remember the answer to, but have never told anyone else and never will.  This is easier said than done.

To minimize the risk of someone finding the list and brute forcing the answers they don't know, I'll need to think of multiple questions with a large number of possible answers.  Any suggestions?  I've also included some "trick" questions, where the nature of the answer is unexpected.

Comments?  Anyone with a better understanding of cryptography able to give me some idea of how many questions with how many possible answers would be needed to make this impractical to brute force?
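
Added example, not part of any post in this thread: a small Python calculator for the closing question in post #1 (how many questions with how many possible answers), which also sizes the "lat, long in degrees to 0.01 degrees" answer from post #5. The answer-space sizes and the guess rate are constructed assumptions, and real answers are not uniformly distributed, so every figure is an upper bound on the actual entropy.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def answer_bits(possible_answers):
    """Upper bound on the entropy (bits) of one answer with N equally likely values."""
    return math.log2(possible_answers)

def total_bits(answer_spaces, leaked=()):
    """Entropy left when the question list is known and the answers at the
    indexes in `leaked` are known too (risks 3 and 4 in post #1)."""
    return sum(answer_bits(n) for i, n in enumerate(answer_spaces) if i not in leaked)

def questions_needed(target_bits, answers_per_question):
    """Number of equally hard questions required to reach a target entropy."""
    return math.ceil(target_bits / answer_bits(answers_per_question))

def years_to_exhaust(bits, guesses_per_second):
    """Expected years to find the phrase: half the space at the given rate."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR

# Constructed answer-space sizes (assumptions for illustration only).
GPS_0_01_DEG = 18_001 * 36_000   # every 0.01-degree lat/long cell on Earth
BIRTH_DATE = 365 * 300           # any day in roughly 300 years
PRICE_CENTS = 100_000            # $0.01 .. $1000.00
ASSUMED_RATE = 1e9               # guesses per second, an assumed figure

if __name__ == "__main__":
    spaces = [GPS_0_01_DEG, BIRTH_DATE, PRICE_CENTS]
    for name, n in zip(("gps", "birth date", "price"), spaces):
        print(f"{name:10s} {answer_bits(n):5.1f} bits")
    print(f"all three  {total_bits(spaces):5.1f} bits")
    print(f"gps leaked {total_bits(spaces, leaked={0}):5.1f} bits")

    # Fifteen questions, as proposed in post #1, at two difficulty levels.
    for per_q in (10, 1000):
        bits = total_bits([per_q] * 15)
        print(f"15 x {per_q:4d} answers: {bits:6.1f} bits, "
              f"{years_to_exhaust(bits, ASSUMED_RATE):.3g} years at assumed rate")

    print("questions for 128 bits at 1000 answers each:",
          questions_needed(128, 1000))
```

Even with no knowledge of the owner, a whole-globe coordinate rounded to 0.01 degrees contributes under 30 bits, and any answer someone else learns drops out of the total entirely.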