Incidentally, Casascius himself weighs in on this: https://bitcointalksearch.org/topic/base32-keys-81838
Since there is a 22-character format, the uppercase-only 30-char format is more secure.
Topic: Mini private keys (Read 1425 times)
Thanks for the thoughts. Nice lasered QR.
From another friend:
"We're after a complexity of 160 bits and our character set would be 32: 24 letters (no I or O) and 8 numbers (no 1 or 0). Entropy is normally given as [password length] * ([log(number of characters)] / log(2)) so putting in 32 as the number of characters, 160 as the answer and rearranging to put password length on the left of the equality we get [minimum password length] = 160 / (log(32) / log(2)) = 32. Given the first character of the minikey has to be "S" the key is only really 29 characters long so you're three characters short. Twisting the equation round again, if you want to exceed 160 bits of entropy with a 29 character key your character set needs to consist of at least 46 characters."
In other words, a 30-char uppercase-only key does have significantly decreased security. A 33-char one does not.
From another friend:
"We're after a complexity of 160 bits and our character set would be 32: 24 letters (no I or O) and 8 numbers (no 1 or 0). Entropy is normally given as [password length] * ([log(number of characters)] / log(2)) so putting in 32 as the number of characters, 160 as the answer and rearranging to put password length on the left of the equality we get [minimum password length] = 160 / (log(32) / log(2)) = 32. Given the first character of the minikey has to be "S" the key is only really 29 characters long so you're three characters short. Twisting the equation round again, if you want to exceed 160 bits of entropy with a 29 character key your character set needs to consist of at least 46 characters."
In other words, a 30-char uppercase-only key does have significantly decreased security. A 33-char one does not.
I too think this isn't a good idea,and the security of addresses and bitcoin is more important. also a QR code can be easily put on those metals and with the wide use of smartphones it might be of the same benefit.
I agree
I too think this isn't a good idea,and the security of addresses and bitcoin is more important. also a QR code can be easily put on those metals and with the wide use of smartphones it might be of the same benefit.
Thanks for replying. The security of a mini private key is not appreciably weaker (https://en.bitcoin.it/wiki/Talk:Mini_private_key_format)
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!
Using a laser.
http://www.clanmedia.com/web/img/engrave2.jpg
Thanks for replying. The security of a mini private key is not appreciably weaker (https://en.bitcoin.it/wiki/Talk:Mini_private_key_format)
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!
I think it's security is weaker and it doesn't add much.
A QR-code is easy to implement on paper or metal too, so you can use the full length of a private key.
A QR-code is easy to implement on paper or metal too, so you can use the full length of a private key.
There's a page here: https://bitcointalksearch.org/topic/uppercase-private-key-103939 about generating all-caps private keys for stamping on metal blocks for cold storage (nice idea). A mini private key would be easier, and it would be simple to generate an all-caps mini key. However it would be cryptographically weaker. The question is, how much weaker and would it be weak enough to be a bad idea?
Jump to: