Author

Topic: Paper wallet standard idea (Read 719 times)

legendary
Activity: 4424
Merit: 4794
September 24, 2012, 09:41:19 PM
#4
flawed idea
sr. member
Activity: 317
Merit: 252
September 24, 2012, 02:45:19 PM
#3
No need for a QR scanner?

It's just another standard way to encode the key. Not meant to replace QR code.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
September 24, 2012, 01:54:44 PM
#2
Why not just use a QR code instead?  It provides redundancy plus the ability to enter it in automatically.

I am not saying it's intrinsically a bad idea, but I do think it's a bad idea to require its implementation among every service that prints paper wallets or accepts private keys absent some compelling reason to include it.

It would be an excellent solution if we were ever to get to a point where private keys were commonly read aloud, or over the phone.  It would sure beat "OK sir, I'm ready for your bitcoin payment code."  "OK, let's see... five... capital J... lowercase d... the number 7"... but I'm not sure that will ever happen.  If it were, I'd say come up with a way to convey a minikey.
sr. member
Activity: 317
Merit: 252
September 24, 2012, 01:49:41 PM
#1
One idea for creating a brain / paper wallet is to come up with a password, then pass it through SHA256 to turn in into a proper private key. The problem here is that the password has much fewer than 256 bits (and is non-random), so it's easier to crack.

The more secure way to do it is to come up with a random 256 bit key and then to represent it in a human readable / understandable form. Even if you are storing the key in written form, it's good to have it in a human readable form as an error correction mechanism.

The problem is that anyone can create their own conversion from privkey to human words. You must now remember both a string of words and the exact method used. It would be better if there was a standard for converting privkey to words.

Luckily, there is this: http://en.wikipedia.org/wiki/PGP_word_list

It's a standard for converting bytes to common English words. The words were chosen to be pronounced as differently from each other as possible. There is extra error detection built in with even and odd bytes encoded as different words. Read the article, it explains it better.

My proposal is to use the PGP word list as a standard for encoding privkeys. 32 words to encode a privkey. It won't work as a brain wallet. Still a good idea as a paper wallet though.
Jump to: