Topic: Most secure storage method? (Read 1698 times)

+1

I agree. This is the most efficient and secure storage method.

Then all you have to do is use a strong password and adequately guard it. Whenever entering the password be sure nobody can access it, e.g. binoculars through window, key loggers etc., and you're good to go. Use a dedicated offline computer to send coins, only connecting to the Internet when sending, and reformat it after each use if super paranoid. Also change passphrase periodically.

It's impossible to tell at this stage. This is the first time I've tried to bring a product to market and there's a lot to learn.

I created a follow up video demonstrating how to verify the software installed on the device.

http://www.youtube.com/watch?v=lcDDv-FvZWU

The source code is published here.

https://github.com/spearson78/paperwallet


Ultimately you can only trust yourself.

If I manage to productize my printer and you are truly paranoid you'll need to

• open the box and look inside to verify there are no evil components.
• Verify the software matches the published source code
• Verify the published source code is not evil.

If you have any additional concerns please let me know preferabl in an open forum such as this.
I need to know them so I can provide the necessary evidence/facilities to mitigate them.

Most secure would have to be a brainwallet. So i would probly use that if i had a large amount of bitcoins/litecoins. Of course you would need to write it down somewhere in case you forgot it.

Can I trust you? How can I verify all the content of software?

I considered this issue a bit in general sense:
Can you trust the software?
Wouldn't it be rather simple to make weak random generator or just initialize one with certain same parameters.
Basically based on system you could be able to make only rather tiny subset of key space and even periodically alter this.
Limiting generation to a few million keys might work out if you can also track that space.

Really question is who can you trust or what can you trust. Paranoia does make life rather hard...

Steve,

How long until you have a product ready to sell to the public?

I would be interested.

You should try some deniable encryption technique, and hide your Bitcoin purchases with the noise of the network.

My bitcoin paper wallet printer avoids many of the malware concerns when printing paper wallets.

http://www.youtube.com/watch?v=noW77GqmNBQ&feature=youtu.be

1. Dedicated offline Ubuntu Live on USB drive.
2. Create a bunch of private keys offline and put them in a truecrypt container.
3. Backup the truecrypt container on multiple locations (both local and online).

This pretty much reduces the risk of theft or losing the money to ZERO percent.

For extra paranoia, e.g. in case of kidnapping your family and demanding the private keys as ransom:

4. Use a time-lock, i.e. a remotely controlled server that sends the passphrase for the truecrypt container only X days after you request it. Obviously this implies the inconvenience of not *instantly* being able to access your money, but that's the whole idea.

I don't think it gets any more secure than this.

You will always trade security for convenience.  So you either want more security or more convenience.  You must choose a happy medium or go full bore on one or the other.

Most Secure:  Offline Cold Storage with paper backups (use pen ink as it does not disappear as fast as printer ink).

Most Convenient, most secure for online wallets:  Blockchain.info

Most Convenient:  Some new wallet site that will get hacked.

Yes, Armory is sufficient if you use an offline computer which you set up properly (clean OS/wallet install). However, there is one (actually two, which I'll explain...) potential vulnerability in the Armory system I see, which is dependence on shuttling data back and forth from offline to online computers with a USB drive. It's possible to infect computers with viruses, even offline ones, simply from plugging in USB drives. This is due to the Autorun and install feature of an OS. So you'd want to be sure to disable that on the offline computer. It's usually a Windows concern, but can apply to Linux too: http://linux.slashdot.org/story/11/02/07/1742246/usb-autorun-attacks-against-linux

If you're careful about not falling victim to USB autorun viruses, then I'd say Armory with an offline (and encrypted) computer and printed paper backups is nearly impenetrable.

However ...

When securing anything, you're only as secure as your weakest link.

If I were securing say 1 million dollars or more then I'd want to reduce my attack surface to the smallest possible.

Storing bitcoins on any computer, even an offline one, is risky. You reduce that risk by installing a clean OS and keeping it offline, but as I point out above even that can be compromised by USB if you're not careful. Even if you do all that properly then you have to remember to keep your physical computer safe from unauthorized use. To do that you can obviously encrypt it with a strong password, but then you have to keep the password safe too. I won't go into the various ways passwords might be learned by attackers, but just keep in mind thieves work full time on finding weak links, and have been doing so for many years. If you're storing millions of dollars I'd consider even an offline computer a risk, albeit small.

I'd do things differently with huge amounts.

First, I'd start with a dedicated offline computer and clean OS install (preferably Linux), then install the Bitcoin-qt wallet (do that securely by USB etc.) and generate some addresses. Then use Armory to print or simply copy by hand the private keys of several addresses. Say I was storing 5 million dollars. I might break that down into paper sheets of 100K each, with one address (and its amount label) per sheet (so say 50 sheets). This would be essentially printing money. I'd make two copies.

People are good with storing/guarding physical things. This moves things to that realm. After I had my two copies of private keys, and sent the correct value to each address (100K each or whatever) then I'd put those sheets into two separate brief cases and delete everything from the offline computer, reformat it. Now, I have 5 million dollars worth of value in two briefcases, and security depends on how well I can secure those briefcases. That's easy to grasp conceptually.

Next I'd transport and place the contents of each briefcase into two separate bank safety deposit boxes. Now the security of the 5 million dollars is how well access to the safety deposit boxes is guarded. This puts security back into a familiar well established model.

Whenever I needed funds I'd go to the safety deposit box, extract desired number of sheets of value and import the private keys back into a newly installed OS and Bitcoin-qt wallet on an offline computer again. Then I could use Armory, or even connect directly to the Internet to send coins. Since I wouldn't be visiting any sites, downloading any files etc., the chance of getting a virus would be essentially zero, and even if there was anything loss is limited to only that transfer session.

Send remaining balance to more sheets of paper, delete files again/reformat computer, and place sheets of new value back in deposit box(es).

Keys generated in audited software environment not connected on Internet and then printed out is likely the best bet. Then the problem is how to secure these paper keys. One way is to add extra layer of encryption and I think you could cut the key in multiple parts and deposit those in safe locations. Ofc, these locations must be safe from any sort of damage or you have to use multiple locations for each key.

Maybe I should have qualified the thread title by including the word "practical"  

Not sure about your memory, but for me this method would qualify as one of the least secure methods.  Nobody else would ever get thes bitcoins, but odds are I wouldn't be able to retrieve them either. 

Can you calculate new key by hand?

If so follow next steps:

1. Get next materials: Old Salt mine, group of armed guards, paper, pen, calculator, light source.
2. Go to the mine, post the guards outside after thoroughly checking the mine.
3. Do the calculations by hand.
4. Memories both private and public key.
5. Burn any materials used in process.
6. ?
7. Done!


Not very cheap or easy...

Most secure way: Wipe the private key (and all of its copies) and then commit suicide. However, I'd not recommend that.

You could instead consider so stash a cold storage in some creative way. Like a weather baloon in orbit around the earth, with an expected drop-off in some future time/location.

Another way is to encrypt it with a weak cipher expected to be obsolete within some future time due to Moores Law, but that's taking risks...

Assuming they know you have them... and you think like that, there is no help.
Otherwise you could try some offline options, or even a few of them at the same time.

By that sense of life, you probably have a large sum of cash too, why not take your wife or kid hostage until you pay ransom?

At some point your no longer able to stay safe if that's what you consider as your biggest threat than you need a body guard and regardless if you have a million in one or 200 wallets.

Talking about a gun to your head is just silly.

So let's say someone knows that I own a large sum of bitcoins.  What's to deter someone from holding a gun to my head and threatening to kill me unless I tell them my private key?  

Point being, holding all bitcoins in 1 wallet doesn't seem too feasible.

Memorize your private key and delete any trace of it, having used a secured offline pc.