Pages:
Author

Topic: Paper wallet without printing (Writing it down by hand) (Read 3596 times)

legendary
Activity: 1512
Merit: 1036
As discussed in many places, a brain wallet does *not* need to be long and complicated to have massive entropy. Eight to twelve random dictionary words is all that is needed.

I cannot confirm that this is true.

"Massive" entropy to me would equal the same strength as a randomly-generated private key. We must therefore first derive a random full-strength key and then discover a method of encoding that into "brain wallet words".

In my search for a libre standard-word dictionary, I found GNU Collaborative International Dictionary of English. From it, I extracted 131559 words, just a bit more than 2^17. At least half are not suitable, as they are multiple words or very obscure:

Drymoglossum

Drynaria

Dryness

Dry nurse

dry-nurse
Drynurse

Dryobalanops

drypis

Dry-rub


If we eliminate all but single words, the dictionary is ~2^16. If we give users the option of changing individual unmemorable words to at least three other words with the same identity, we are down to 2^14; 14 bits.

A Bitcoin private key is 256 bits in size. Therefore encoding 256 bits in 14 bit words = 19 words.

ECC key strength is commonly quoted as equivalent to half-length symmetric key algorithms. So, for example, a 256-bit ECC key would have roughly the same strength as a 128-bit symmetric key. However, the conjectured strength of secp256k1 may be as low as 50 bits in certain attacks. http://perso.univ-rennes1.fr/reynald.lercier/file/FLRV08.pdf. Therefore it is important that the first requirement of EC, full-strength random numbers for both key generation and signing, actually be used.

The reason Electrum words seeds appear shorter is they are half the length of a Bitcoin private key.

 "constant forest adore false green weave stop guy fur freeze giggle clock" = 431a62f1c86555d3c45e5c4d9e10c8c7 = 128 bits

All Electrum addresses are deterministically based on something 340,282,366,920,938,463,463,374,607,431,768,211,456 times smaller than a Bitcoin address. Other Brainwallet schemes are even worse.

In conclusion, I'll just leave this here: https://bitcointalksearch.org/topic/ann-python-paper-wallet-generator-with-strong-randomness-361092

full member
Activity: 238
Merit: 100
One last step....  Destroy the computer.  Do not reconnect it to the internet - ever.
member
Activity: 84
Merit: 10
I know it's not too secure, but I just use the "my wallet" extension on Firefox which stores the wallet on Blockchain. The I have the Identifier (in text) backed up to my saved emails as well as the hard drive and a cloud storage site, as well as the wallet file in both places. Still have to remember not to forget the password, but it's quite long and should be un-guessable. 
sr. member
Activity: 299
Merit: 253
True, if I gave you the correct number of first bits and I didn't reverse the sequence of characters in one of the email addresses etc. The permutations of this combination are endless. It's easy to make this your own. The best part is you don't need to rely on anyone or any program and always have your key with you.
In the end you are not getting around storing the necessary bits of entropy, although smart methods may make it seem like less to memorize.
hero member
Activity: 588
Merit: 500
Hah I think that is safer than moving it into an electronic method but only if you could save it correctly with no mistakes. otherwise using a flash driver might be better.
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
Hi, I'm looking to store bitcoins securely for the long term (hoping they'll one day be worth $5000 haha)

Please tell me if this is a secure way:

boot from Ubuntu Live CD ---> Bitaddress.org ---> Disconnect from internet ---> Generate address & private key (how do these two get input into the bitcoin system if I am disconnected from the internet?)---> Write these two down with hand on paper ---> Shutdown.

Also, when using the Brain Wallet function, I should type in something ridiculously long and complicated and I won't need to remember the passphrase nor write it down as long as I have the private key correct?


I use a similar method. I use Puppy to store a key to a USB stick and dupe it several times. If you're encrypting the key you will need the passphrase. For an effective brain wallet try using firstbits.com. All you need to remember is the first 6-8 characters.

My favorite way is one I developed myself. I store the key in my phone and backed up to my computer as a collection of contacts in my contact list. I have 50 contacts stored with fake email addresses where the beginning of the email is a part of the key. I memorize the first four characters and store the remainder as a sequence in the list of contacts that only I know.

1JwS memorized

With Johns contact email [email protected]
And Janet's email [email protected]
And Ted's email [email protected]

And so on. Only I know which emails go together and in what order. Just picking the correct sequence of 6 numbers considering one of the emails could be used twice your chance of picking the correct order would be 1 in 175,711,536 and you still wouldn't have the first 4.

It's a good idea considering the niche of the idea, but if someone were to go after you in particular, you've already given someones brute-force mechanism a pretty good start.

True, if I gave you the correct number of first bits and I didn't reverse the sequence of characters in one of the email addresses etc. The permutations of this combination are endless. It's easy to make this your own. The best part is you don't need to rely on anyone or any program and always have your key with you.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
Hi, I'm looking to store bitcoins securely for the long term (hoping they'll one day be worth $5000 haha)

Please tell me if this is a secure way:

boot from Ubuntu Live CD ---> Bitaddress.org ---> Disconnect from internet ---> Generate address & private key (how do these two get input into the bitcoin system if I am disconnected from the internet?)---> Write these two down with hand on paper ---> Shutdown.

Also, when using the Brain Wallet function, I should type in something ridiculously long and complicated and I won't need to remember the passphrase nor write it down as long as I have the private key correct?


I use a similar method. I use Puppy to store a key to a USB stick and dupe it several times. If you're encrypting the key you will need the passphrase. For an effective brain wallet try using firstbits.com. All you need to remember is the first 6-8 characters.

My favorite way is one I developed myself. I store the key in my phone and backed up to my computer as a collection of contacts in my contact list. I have 50 contacts stored with fake email addresses where the beginning of the email is a part of the key. I memorize the first four characters and store the remainder as a sequence in the list of contacts that only I know.

1JwS memorized

With Johns contact email [email protected]
And Janet's email [email protected]
And Ted's email [email protected]

And so on. Only I know which emails go together and in what order. Just picking the correct sequence of 6 numbers considering one of the emails could be used twice your chance of picking the correct order would be 1 in 175,711,536 and you still wouldn't have the first 4.

It's a good idea considering the niche of the idea, but if someone were to go after you in particular, you've already given someones brute-force mechanism a pretty good start.
legendary
Activity: 952
Merit: 1005
--Signature Designs-- http://bit.ly/1Pjbx77
Just make sure you give clear instructions to whoever you want to pass the coins onto ..... most of us techies struggle with some of this stuff. Imagine what a "normal" person would think.

Yes, I will. Thanks for reminder
(I am actually a "normal" person, technologies get the better of me Grin)
hero member
Activity: 518
Merit: 500
That sounds a bit "mixed" between "secure" and "not secure".

I know, my idea is to be "guess-friendly" for those who know me but relatively secure to those who doesn't. Given my clues (not the ones I disclosed above), I don't think one single person (except me of course) know all the answers. Even if they do, they would need to try multiple times to get every format right (example, "june" or "6", detailed car make and model...)

If you want to pass your bitcoins on, go and stick the password in a bank vault or with a solicitor

I make new addresses quite often, it would be difficult to update keys if they were in a remote location.
I don't have that much bitcoins to justify these types of security anyway Cheesy

Actually, I have heard SO many users back up their keys/wallet.dat on USB drives. I don't know whether mine are cheap ones or the way I use them, these USB sticks do die! I have lost photos on them before. So, if you use them for storage, make duplicates on 2 or 3 USB drives/SDCard.



Just make sure you give clear instructions to whoever you want to pass the coins onto ..... most of us techies struggle with some of this stuff. Imagine what a "normal" person would think.
legendary
Activity: 952
Merit: 1005
--Signature Designs-- http://bit.ly/1Pjbx77
That sounds a bit "mixed" between "secure" and "not secure".

I know, my idea is to be "guess-friendly" for those who know me but relatively secure to those who doesn't. Given my clues (not the ones I disclosed above), I don't think one single person (except me of course) know all the answers. Even if they do, they would need to try multiple times to get every format right (example, "june" or "6", detailed car make and model...)

If you want to pass your bitcoins on, go and stick the password in a bank vault or with a solicitor

I make new addresses quite often, it would be difficult to update keys if they were in a remote location.
I don't have that much bitcoins to justify these types of security anyway Cheesy

Actually, I have heard SO many users back up their keys/wallet.dat on USB drives. I don't know whether mine are cheap ones or the way I use them, these USB sticks do die! I have lost photos on them before. So, if you use them for storage, make duplicates on 2 or 3 USB drives/SDCard.

hero member
Activity: 518
Merit: 500
Hi, I'm looking to store bitcoins securely for the long term (hoping they'll one day be worth $5000 haha)

Please tell me if this is a secure way:

boot from Ubuntu Live CD ---> Bitaddress.org ---> Disconnect from internet ---> Generate address & private key (how do these two get input into the bitcoin system if I am disconnected from the internet?)---> Write these two down with hand on paper ---> Shutdown.

Also, when using the Brain Wallet function, I should type in something ridiculously long and complicated and I won't need to remember the passphrase nor write it down as long as I have the private key correct?


As discussed in many places, a brain wallet does *not* need to be long and complicated to have massive entropy. Eight to twelve random dictionary words is all that is needed.
hero member
Activity: 910
Merit: 1000
Hi, I'm looking to store bitcoins securely for the long term (hoping they'll one day be worth $5000 haha)

Please tell me if this is a secure way:

boot from Ubuntu Live CD ---> Bitaddress.org ---> Disconnect from internet ---> Generate address & private key (how do these two get input into the bitcoin system if I am disconnected from the internet?)---> Write these two down with hand on paper ---> Shutdown.

Also, when using the Brain Wallet function, I should type in something ridiculously long and complicated and I won't need to remember the passphrase nor write it down as long as I have the private key correct?


They appear and are seen on the network the first time they are used.
hero member
Activity: 518
Merit: 500
I just save the keys in a plain text file and compress using 7zip using SHA256 with a long password. Then write down the clues something like this:

myfirstcar+myfirstmobilenumber+homevillage+firstpetname+mumbirthyear+dadbirthmonth+favouriteband

Yes, zip is not secure and someone can guess the password, but this is the whole point. I don't want to make my coins completely inaccessible when I leave this world. If my wife or son finds this, they can work them out and retrieve my coins!

That sounds a bit "mixed" between "secure" and "not secure". If you want to pass your bitcoins on, go and stick the password in a bank vault or with a solicitor
legendary
Activity: 952
Merit: 1005
--Signature Designs-- http://bit.ly/1Pjbx77
I just save the keys in a plain text file and compress using 7zip using SHA256 with a long password. Then write down the clues something like this:

myfirstcar+myfirstmobilenumber+homevillage+firstpetname+mumbirthyear+dadbirthmonth+favouriteband

Yes, zip is not secure and someone can guess the password, but this is the whole point. I don't want to make my coins completely inaccessible when I leave this world. If my wife or son finds this, they can work them out and retrieve my coins!
sr. member
Activity: 585
Merit: 250
I would suggest to download the offline version of bitaddress.org and burn onto your live cd, so you never need to connect your offline computer to the internet.

If you write your private key down by hand, I would recommend to always write it at least twice, just in case you make a mistake or your handwriting may be easily misinterpreted in a few years time.... Another thing I tend to do is underline all the capital letters and also draw a line above the numbers, just to add clarity (if your hand writing is very neat then perhaps this isn't necessary.)

Also, the brain wallet idea you suggested isn't a great idea... If you are going to use a chosen passphrase to generate the private key, and then not even store the passphrase but only the private key, i would argue that you are vastly lowering the security of your wallet without even advantaging from the only reason brain wallets exist in the first place...Just forget about brainwallets entirely is my suggestion, they aren't worth the trouble.
full member
Activity: 154
Merit: 100
This is pretty similar to the method I use - don't want anything ridiculously complicated but want to be as secure as possible!

 Wink
hero member
Activity: 518
Merit: 500
Err I wanted to keep it simple -- is my method secure?

Nothing is 100% secure but you have a good method. Live long and prosper Smiley
legendary
Activity: 1232
Merit: 1195
Hi, I'm looking to store bitcoins securely for the long term (hoping they'll one day be worth $5000 haha)

Please tell me if this is a secure way:

boot from Ubuntu Live CD ---> Bitaddress.org ---> Disconnect from internet ---> Generate address & private key (how do these two get input into the bitcoin system if I am disconnected from the internet?)---> Write these two down with hand on paper ---> Shutdown.

That's fine. Obviously just make sure you write the keys down correctly  Cheesy.
newbie
Activity: 8
Merit: 0
Err I wanted to keep it simple -- is my method secure?
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
Only I know which emails go together and in what order.

If you die unexpectedly then how will your heirs be able to inherit your BTC?


There are two other people that know the system. They could get the key. My first four are really easy to remember for someone close to me. The pattern of names is easy too but you would need to know my entire life's relationship history to know it.
Pages:
Jump to: