Author

Topic: Safely generating paper wallets with live OS? (Read 429 times)

copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
February 23, 2016, 10:22:36 AM
#7
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?

Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.

Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers.

As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters).

Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though.

Great, thanks. I might give it a try. How would you suggest verifying the bitaddress.org download?

via PGP -> https://www.bitaddress.org/pointbiz_bitaddress.org.asc
-> https://www.bitaddress.org/bitaddress.org-v3.2.0-SHA256-ad4fd171c647772aa76d0ce828731b01ca586596275d43a94008766b758e8736.html.sig
member
Activity: 76
Merit: 14
February 22, 2016, 02:25:33 PM
#6
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?

Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.

Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers.

As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters).

Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though.

Great, thanks. I might give it a try. How would you suggest verifying the bitaddress.org download?
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
February 22, 2016, 01:06:55 PM
#5
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?

Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.

Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers.

As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters).

Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though.
member
Activity: 76
Merit: 14
February 22, 2016, 01:03:01 PM
#4
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?

Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.

Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers.

As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters).
staff
Activity: 3500
Merit: 6152
February 22, 2016, 12:47:34 PM
#3
You can do it this way :
Plugin the USB drive in your PC and run the OS (Linux), turn off your internet off (to make sure you are not connected to internet) , generate the Paper wallet and print it , take the USB off the PC , then reboot and put the internet back and you should be fine as long as you don't forget the passphrase .
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
February 22, 2016, 12:45:57 PM
#2
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?

Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.
member
Activity: 76
Merit: 14
February 22, 2016, 12:42:53 PM
#1
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network? Ultimately I'm trying to avoid having the passphrase for the encrypted wallets be saved anywhere but my in my (brain) memory.
Jump to: