Pages:
Author

Topic: Security of Paper Wallets (Read 3104 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
October 30, 2013, 07:15:38 PM
#34
I'm just saying: There is not a person in the world I find that trustworthy that it outweighs the long shot chance of any of the other eventualities occurring. Of course, this is a estimation made by me, but I'm highly confident I'm correct.

Let me note I'm just replying to try and help you. That's why I gave constructive feedback for an alternative for which I do see added value (and therefore a business opportunity).

Thanks. I guess we have to make the exceptions, that some people might be trustworthy, and by default, almost everyone is not, as a sort of rule. In this world, it all boils down to reputation and identity or persona, and how valuable it is perceived to be compared to what is going to be secured or deposited.

The question turns into, how much bitcoins will you entrust in this service? With this particular operator?

Your alternative turns into a local service. Which means the paper wallet is stored at the owners location. They just need help to withdraw their secured bitcoins. That could work. They can go to you, or the ones near me can go to me (although I find that unlikely, but hey, I do know some people with money who don't know a thing about computers.)

Everyone else around the world can come to me and others like me who might be offering a similar service. I see this as something like the localbitcoins thing, where a bunch of individuals located all over will be offering something like this.

Again, it boils down to how much you'd trust that person.

Thanks for the feedback. I'd like to poke as much holes as possible, and then see if this can actually work. My guess is that people in the US will want an "offshore" bitcoin paper wallet service or something along those lines.

And of course, everyone else who knows what they are doing don't need this service.
legendary
Activity: 2324
Merit: 1125
October 30, 2013, 08:34:54 AM
#33
Of course, we have to make some assumptions, that anyone offering such a kind of service is not the type of person to steal it and disappear.

I can only state that for my case, personally. I don't know about anyone else, although it's likely that the top escrows (John K.?), and securities people (bitfunder?) and investment gambling people (just-dice), and even the hosted wallet providers (inputs.io, blockchain) are candidates.

If you can't trust the provider - whether that's due to lack of integrity or to incompetence -, do not send them your bitcoins; goes without saying.

I'm just saying: There is not a person in the world I find that trustworthy that it outweighs the long shot chance of any of the other eventualities occurring. Of course, this is a estimation made by me, but I'm highly confident I'm correct.

Let me note I'm just replying to try and help you. That's why I gave constructive feedback for an alternative for which I do see added value (and therefore a business opportunity).
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
October 29, 2013, 09:39:19 PM
#32
Of course, we have to make some assumptions, that anyone offering such a kind of service is not the type of person to steal it and disappear.

I can only state that for my case, personally. I don't know about anyone else, although it's likely that the top escrows (John K.?), and securities people (bitfunder?) and investment gambling people (just-dice), and even the hosted wallet providers (inputs.io, blockchain) are candidates.

If you can't trust the provider - whether that's due to lack of integrity or to incompetence -, do not send them your bitcoins; goes without saying.
legendary
Activity: 2324
Merit: 1125
October 29, 2013, 07:59:14 PM
#31
It was just an idea thrown at me a couple of days ago. What with the FBI being able to seize wallets and anything that is physically located within the United States.

Bad guys, or governments can't torture the password or private key out of you if you don't know it.

I think the idea is to offer the key generation and safe at an off-shore location.

But, that does not prevent bad guys from holding your family ransom while they demand that you withdraw your offline bitcoins from me. (I think that scenario is also applicable to whatever off-shore secret swiss bank account you may have.)

The above are all a lot less likely than the person you are paying to keep your money safe, ending up stealing it.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
October 29, 2013, 07:33:44 PM
#30
It was just an idea thrown at me a couple of days ago. What with the FBI being able to seize wallets and anything that is physically located within the United States.

Bad guys, or governments can't torture the password or private key out of you if you don't know it.

I think the idea is to offer the key generation and safe at an off-shore location.

But, that does not prevent bad guys from holding your family ransom while they demand that you withdraw your offline bitcoins from me. (I think that scenario is also applicable to whatever off-shore secret swiss bank account you may have.)
legendary
Activity: 2324
Merit: 1125
October 29, 2013, 07:59:58 AM
#29
Someone proposed that I offer a service where I generate paper wallets and keep them stored for you under lock and key, and guarded. You get the bitcoin addresses, I keep the private keys secure, offline.

Because there are people out there with hundreds or thousands of bitcoins but aren't good with computers. (or they are drug dealers and practice poor OPSEC.)

Dunno if that's viable, but hey, it's an idea.

If people offer this to you it's their call, but why would anyone trust you with that?

I'd offer the service personally. So I go to their house, create the paper wallet on their HW, sell them a safe and put the paper wallet in there. If they need to money (and need my help) they need to make an appointment and I'll come around and help them. That is at least something I'd consider purchasing if I was "bad with computers" (w/e that means exactly).
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
October 29, 2013, 03:02:31 AM
#28
Someone proposed that I offer a service where I generate paper wallets and keep them stored for you under lock and key, and guarded. You get the bitcoin addresses, I keep the private keys secure, offline.

Because there are people out there with hundreds or thousands of bitcoins but aren't good with computers. (or they are drug dealers and practice poor OPSEC.)

Dunno if that's viable, but hey, it's an idea.
legendary
Activity: 2324
Merit: 1125
October 18, 2013, 11:30:32 AM
#27
I honestly don't understand what is going on in this thread.  I've been away from bitcoins for awhile.  Why not just receive the bitcoins in a new wallet, save the wallet.dat in several places, and delete your wallet.dat from computer?

Digital media (especially flash) degrade relatively quickly and can be stolen when connected to a device which has an active internet connection.

wouldn't paper degrade faster then metal?

It's not the metal that degrades.
full member
Activity: 238
Merit: 100
October 18, 2013, 11:14:19 AM
#26
I honestly don't understand what is going on in this thread.  I've been away from bitcoins for awhile.  Why not just receive the bitcoins in a new wallet, save the wallet.dat in several places, and delete your wallet.dat from computer?

Digital media (especially flash) degrade relatively quickly and can be stolen when connected to a device which has an active internet connection.

wouldn't paper degrade faster then metal?
legendary
Activity: 2324
Merit: 1125
October 18, 2013, 10:46:23 AM
#25
I honestly don't understand what is going on in this thread.  I've been away from bitcoins for awhile.  Why not just receive the bitcoins in a new wallet, save the wallet.dat in several places, and delete your wallet.dat from computer?

Digital media (especially flash) degrade relatively quickly and can be stolen when connected to a device which has an active internet connection.
full member
Activity: 238
Merit: 100
October 18, 2013, 10:37:01 AM
#24
I honestly don't understand what is going on in this thread.  I've been away from bitcoins for awhile.  Why not just receive the bitcoins in a new wallet, save the wallet.dat in several places, and delete your wallet.dat from computer?
legendary
Activity: 3710
Merit: 1586
October 18, 2013, 10:12:17 AM
#23
I have used this before and it's great:

https://github.com/grondilu/bitcoin-bash-tools

All you need is a linux installation. No Internet access required. But I don't know how safe it is. Anyone here who is experienced in Bash wants to take a look and review the code?
sr. member
Activity: 384
Merit: 250
October 18, 2013, 10:06:17 AM
#22
Hello
If some of you have rewieved piper wallet http://piper.pw source code
there is a raspberry in, and the raspberry pi has a hardware RNG
So if the source code is safe, and the implementation of RNG is nice, should be a low cost solution for offline wallet
You will have to burn sd card at the end for high end security
I would be interested by your feeling for this solution, has it's the one I use  Wink

Nice looking piece of kit, though a bit on the pricey side, but at least its an all-in-one solution for the non-technically minded.

You're using vanitygen to generate the keys (wrapped in a python script). I was unaware that the raspi had a hardware RNG, but it appears that the kernel drivers have only just been released (its not enabled in my raspi by default) http://vk5tu.livejournal.com/43059.html

Best of luck (and say hi to the cat Kiss)
legendary
Activity: 3472
Merit: 4801
October 18, 2013, 09:32:00 AM
#21
I wasn't having a pop at you earlier

No worries.  I didn't think you were.  It is extremely difficult to offend or upset me.  I simply don't invest enough emotional energy into the opinions of complete strangers on the internet.  It is entirely an intellectual pursuit for me.  Anyone who has read more than a few of my posts must be able to tell that I always enjoy a spirited intellectual debate.

just putting forward an alternative to a full hard disk install (which has its own security implications for one-off key generation).

Certainly, and your alternative seems to fit the needs of many who are looking for a reasonable way to protect their private keys from many avenues of attack.

The private key to address conversion is actually quite easy (pywallet has some very readable code for the ECDSA algorithm, and converting the resulting public key to an address is straightforward).

Quite easy for a reasonably capable programmer, but perhaps not for the average user.

The thing that is difficult to be certain of is the random number generation for the 256 bit private key, and I would baulk at coding this (you're generally relying on the OS for a good implementation of /dev/random). For a professional setup a hardware RNG is to be preferred.

Agreed.  Which explains my suggestion to:

Use measurements of radioactive decay to generate your private keys.

Which I suppose is one of the few sources of truly random data.  Of course you'd have to find a way to shield your radio active material such that someone external to the room you are working in can't remotely make useful measurements.
sr. member
Activity: 384
Merit: 250
October 18, 2013, 08:48:35 AM
#20
They rarely mean what they've said, and they've almost never given enough information to determine exactly what they actually mean.

Yes, and I agree with everything you've said (you're quite right as usual). I wasn't having a pop at you earlier, just putting forward an alternative to a full hard disk install (which has its own security implications for one-off key generation).

The private key to address conversion is actually quite easy (pywallet has some very readable code for the ECDSA algorithm, and converting the resulting public key to an address is straightforward). The thing that is difficult to be certain of is the random number generation for the 256 bit private key, and I would baulk at coding this (you're generally relying on the OS for a good implementation of /dev/random). For a professional setup a hardware RNG is to be preferred.
legendary
Activity: 3472
Merit: 4801
October 18, 2013, 08:30:43 AM
#19
- snip -
my suggested method requires an internet connection to install. So I took a further look.

I concluded that this is unavoidable for the casual user. The ubuntu installation needs an internet connection to install the official sources of bitcoin-qt plus their dependencies (whether installing to a livecd or a hard disk).

While an expert user may be able to download the various packages online via a separate computer, then copy them onto the offline PC for installation via sneakernet, its not a simple procedure (and I'm not even going to try as I'm not that expert).
- snip -

And now we see why I stated:

Unfortunately, the best way isn't necessarily easy.

It really comes down to just how paranoid you are and exactly what you are trying to protect against.

Really, the "best" method would probably be to write your own program that takes a private key as input and generates a bitcoin address as output.  Then run that on the computer that never has been and never will be connected to the internet.

Use measurements of radioactive decay to generate your private keys.

Hand write the private keys and bitcoin addresses on paper.

Make sure you use a single sheet, and that whatever surface you are writing on will not hold an impression of the writing.

Make sure there are no windows, or cameras in the room that can see any of what you are doing.

But really, we're getting a bit excessive here.

That's sort of my point.  When someone asks for:

the best way of generating multiple paper wallets . . . to maintain maximum security?

They rarely mean what they've said, and they've almost never given enough information to determine exactly what they actually mean.
sr. member
Activity: 384
Merit: 250
October 18, 2013, 08:13:47 AM
#18
This is somewhat off topic to the OP, but since the question has been asked...

To recap: Danny Hamilton is concerned about "unoffical" privatekey/address generators and prefers bitcoin-qt installed on the hard disk of an offline PC. I suggested that a livecd would do the job perfectly well without the need for a hard disk install, but my suggested method requires an internet connection to install. So I took a further look.

I concluded that this is unavoidable for the casual user. The ubuntu installation needs an internet connection to install the official sources of bitcoin-qt plus their dependencies (whether installing to a livecd or a hard disk).

While an expert user may be able to download the various packages online via a separate computer, then copy them onto the offline PC for installation via sneakernet, its not a simple procedure (and I'm not even going to try as I'm not that expert).

Interestingly a windows installation to hard disk may be possible completely offline, but then you have the issue of activating the license without an internet connection (plus the cost of said license).

So I went with the official bitcoin-qt from http://bitcoin.org/en/download
Selecting Ubuntu PPA goes to https://launchpad.net/~bitcoin/+archive/bitcoin

And technical details about this PPA ...
Choose your Ubuntu version offers ...
Raring(13.04), Quantal(12.10), Precise(12.04), Lucid 10.04

Looking at the ubuntu http://www.ubuntu.com/download/desktop ...
this offers 12.04 LTS and 13.10 (others are available via previous version link)

So lets go with 12.04 LTS (32 bit) a 707MB download

For testing I installed it onto a VirtualBox VM with 2048GB Ram (no hard disk)
Since we'll need it for the installation I left the network option enabled.

Once it boots select "Try Ubuntu"
We're going to need a terminal shell, which Ubuntu unhelpfully hides, so click on the top left icon "dash home" and type terminal" in the search box, select the first option, which opens a terminal and adds an icon for it. Its useful to have more than one, so right click on the icon and open a few more.

Now type:
sudo apt-get-repository ppa:bitcoin/bitcoin
Press enter to accept, and note that the key 8842CE5E has been imported.

Type (perhaps in the other terminal so we don't lose the previous message):
sudo apt-get update

Its not at all obvious what to do next, so lets try:
sudo apt-get install bitcoin-qt

And we get a bunch of errors about dependencies. This is fixed as follows...
We want "software sources" which used to be in "system settings", but its missing in this version of ubuntu, so go to "dash home" and search for "update manager" and start it. Click on settings, uncheck the updates (unless you really want them), then on the Ubuntu Software tab select all of the checkbox options. Now we can do:

sudo apt-get update
sudo apt-get install bitcoin-qt

Right click on the network icon (next to the clock on top right) and disable otherwise it will download the blockchain and fill up the ramdisk (this is a livecd).

Go to "dash home" and search for "bitcoin", and run it.

Press ALT, help then debug window, console tab
getaccountaddress ""
dumpprivkey ADDRESS

Now I prefer to use bitcoind, so exit bitcoin-qt, reenable the network and...

sudo apt-get install bitcoind

Disconnect from the network again.

cd .bitcoin (it already exists since we ran bitcoin-qt, note the "dot" prefix before bitcoin)

nano bitcoin.conf (I prefer vi myself, but that's definitely not for novices)
server=1
daemon=1
listen=1
rpcuser=username
rpcpassword=password
CTRL-O (enter)
CTRL-X

bitcoind (starts the server)
bitcoind getinfo (check its working)
bitcoind getnewaddress
dumpprivkey ADDRESS

This can easily be automated via a simple shell script, eg
for i in $(seq 1 100);
do
ADDR=$(bitcoind getnewaddress)
KEY=$(bitcoind dumpprivkey $ADDR)
echo $ADDR $KEY >> keyfile.txt
done

Enjoy (and if I've made any mistakes here, just let me know)
legendary
Activity: 2324
Merit: 1125
October 17, 2013, 10:29:39 PM
#17

Unfortunately, the best way isn't necessarily easy.  It involves wiping a hard drive, then installing a known good, clean, version of an operating system, then installing some trusted address generating software, then hand writing the addresses and private keys on paper, then destroying the hard drive (or at least making sure it is sufficiently wiped to avoid recovery of data).

There are several choices of offline address generating software out there.  I haven't had a chance to check on the code of any of them, so I'm not ready to trust them yet.  Others may stop by with their own suggestions of which software they trust.  Some of them will generate QR-Codes and print in a nice formatted template. For now, I only trust Bitcoin-Qt.

How would Bitcoin-QT create multiple wallets, as i have not worked out how to do this yet

Paper wallets are not exactly user functionality for Bitcoin-Qt, but with some effort it can be done.

  • Install Bitcoin-Qt on a PC that has NO network connection at all
  • Click on the "New Address" button in the "receive coins" section
  • Write the new address down on a piece of paper
  • Choose "Console" in the "Debug Window" found under the "Help" menu
  • Enter the following command where bitcoinAddress is the address you wrote down in step 3:
              dumpprivkey bitcoinAddress
  • Write the private key on the same piece of paper

Viola! You now have a paper wallet.

You can delete the installation of Bitcoin-Qt and wipe the hard-drive if you like.

+ will i need the full blockchain before i can create a wallet?

No.


Thank you very much for the details, although not what i wanted to hear  Grin

I am working on a "bitcoin based website idea" and will need to be able to generate (not on the website) multiple paper wallets... ideally around 100 a go..... and then input the public keys into the website.
Wiping the Hard Drive will not be required (i dont think) as the PC that generates the addresses would never connect to the internet and will be stored in a very large secure and fireproof safe (i could also encrypt the drive).
(at present i am still working on the website coding, and was assuming that generating multiple paper wallets would be easy.....)

Working with or coding for bitcoin is fun, but extremely testing at times  Roll Eyes ...........

Thanks Ford

I would very much advise you use Armory for paper wallets. For true security use the offline method. I was going to link you but etotheipi has changed the site and the wonderful tutorials are gone....

I'm messaging him now.

Edit:

Here it is: http://bitcoinarmory.com/about/using-our-wallet/#offlinewallet
full member
Activity: 150
Merit: 100
October 17, 2013, 10:24:57 PM
#16
Speaking of paper wallets can someone explain to me how to download the bitaddress.org wallet generator for offline use?

Go to https://github.com/pointbiz/bitaddress.org (its linked from bitaddress.org), click on "Download Zip" on the right hand side of the page. Copy the zip archive to your offline computer, unzip it and click on bitaddress.org.html.

Thanks
sr. member
Activity: 384
Merit: 250
October 17, 2013, 06:49:09 PM
#15
there is no need to install an operating system then wipe the hard drive.

I suppose it all depends on just how paranoid you are and how secure you want to be.

install the dependencies off the web (to the ramdisk that it is running on),

You're not suggesting actually connecting the computer to the internet, right?

Disconnect from the internet

Oh!  You are!  Sorry, at that point you might as well just run it connected to the internet.  Why bother disconnecting?

Indeed, this was somewhat of a quirk of the task I was attempting to accomplish (to whit compiling blakecoin-qt from github).

Its less of a problem with bitcoin as the installation procedure on ubuntu would appear less painful (and I'm not the expert here as I haven't actually done one). So it appears you download the ubuntu PPA from http://bitcoin.org/en/download (though even that looks pretty scary at first sight), then copy that onto your offline livecd ubuntu PC (via USB stick I guess, or burn it to a CD). Pretty much the same task as if you're installing to hard disk. Does it have all the dependencies sorted out? I'll have to try it out to see.

Anyway, the reason for disconnecting from the internet before running bitcoind/bitcoin-qt was to eliminate any back-channel. Of course if the OS has already been compromised due to the internet connection used during the installation, then the private keys generated may have been pre-compromised in some way (say a hacked RNG), but that's is a risk however you source your OS/bitcoin.

I'll have a play with it tomorrow (getting past my bedtime here), and add some links to the howtos (I was mainly following the instructions in https://github.com/bitcoin/bitcoin/blob/0.8.5/doc/readme-qt.rst which don't actually work on ubuntu 11.10 as libdb4.8++-dev is not available and you need libdb5.1++-dev instead)
Pages:
Jump to: