Topic: Should you store BIP38 encrypted private keys online? (Read 530 times)

sr. member
Activity: 336
Merit: 250
There is a day to be born, and another to die
Bruteforcing a private key for an address is basically impossible. Bruteforcing someone's encrypted password is plausible. Especially with leaked passwords and dictionary attacks out there. If you are going to do this, at least put it inside of an encrypted volume of some sort using passwords you have never used before. You are basically sacrificing some security for some convenience. Honestly, if you really wanted to, you could just bury some USB around a few places if you are that worried.
full member
Activity: 148
Merit: 106
Should you under this scenario still avoid saving your encrypted private keys online?
Not under any circumstances.
If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them wherever you might find yourself?)
The whole idea of the cold wallet is to have it disconnected from the outside world fully. It will not be called a cold storage if it's exposed to the internet at any point of time.

In the event that the password generator is somehow flawed or a vulnerability is discovered in whichever client you used to generate the keys in, you will be 100% safe. I don't see much point in generating a paper wallet and then storing it online, you're better off generating a wallet and just storing a backup there.

I get what you are saying.

The problem that I have with paper wallets is the FACT THAT YOU CANNOT CARRY THEM AROUND IN YOUR HEAD.

Let's say you created your paper wallets offline, printed them offline, laminated them, put them in waterproof/fireproof envelopes, protected them with a strong password, printed them offline multiple times and stored them in a bank vault.
That would be considered pretty safe.

But the problem is that you cannot carry that information in your head.
Every time you want to/need to have access to your bitcoin you would need physical access to your encrypted printed paper wallets.

Let's say:
1. you are halfway across the globe
2. the bank does not grant you access to the safe
3. the government does not grant you access to the location where the safe is

...you are essentially safe from anyone stealing your bitcoins but you are equally unable to spend them yourself.

That is why I thought scanning the paper wallets, encrypting them with some kind of tool (not sure which one) and uploading them as an encrypted file on a cloud/clouds would be cryptographically secure but still accessible to you should you lose physical access to the places where you stored your wallets.

legendary
Activity: 3038
Merit: 4418
Should you under this scenario still avoid saving your encrypted private keys online?
Not under any circumstances.
If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them wherever you might find yourself?)
The whole idea of the cold wallet is to have it disconnected from the outside world fully. It will not be called a cold storage if it's exposed to the internet at any point of time.

In the event that the password generator is somehow flawed or a vulnerability is discovered in whichever client you used to generate the keys in, you will be 100% safe. I don't see much point in generating a paper wallet and then storing it online, you're better off generating a wallet and just storing a backup there.
full member
Activity: 148
Merit: 106
Assume the following:

1. you created your private keys on an offline computer
2. you encrypted your private keys using BIP38 also offline
3. you used dice and the Diceware word list at your table at home to create a strong passphrase
4. you printed your private keys on a printer that was offline

Should you under this scenario still avoid saving your encrypted private keys online?

If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them wherever you might find yourself?)
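As an added example (not part of any post in this thread), the sketch below quantifies the question: it runs the scrypt key-stretching step with the parameters BIP38 specifies for non-EC-multiplied keys and compares the expected search time for a reused password against Diceware passphrases. The attacker guess rate, the leaked-list size, and the sample passphrase and address hash are constructed assumptions, not measurements.

```python
import hashlib
import math
import time
import unicodedata

# scrypt parameters BIP38 specifies for non-EC-multiplied keys.
BIP38_N, BIP38_R, BIP38_P, BIP38_DKLEN = 16384, 8, 8, 64
DICEWARE_WORDS = 6 ** 5  # 7776 entries: five dice rolls pick one word
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def bip38_stretch(passphrase: str, address_hash: bytes) -> bytes:
    """Derive the 64-byte key material; each guess costs one such call."""
    pw = unicodedata.normalize("NFC", passphrase).encode("utf-8")
    return hashlib.scrypt(pw, salt=address_hash, n=BIP38_N, r=BIP38_R,
                          p=BIP38_P, dklen=BIP38_DKLEN, maxmem=64 * 2**20)

def diceware_bits(words: int) -> float:
    """Entropy of a passphrase of `words` independently rolled words."""
    return words * math.log2(DICEWARE_WORDS)

def years_to_find(bits: float, guesses_per_second: float) -> float:
    """Expected search time: on average half the space is tried."""
    return (2 ** bits / 2) / guesses_per_second / SECONDS_PER_YEAR

def report(guesses_per_second: float) -> dict:
    """Expected years per scenario; the list size is a constructed figure."""
    scenarios = {"password on a 1e9-entry leaked list": math.log2(1e9)}
    for n in (4, 6, 8):
        scenarios[f"{n}-word Diceware"] = diceware_bits(n)
    return {k: years_to_find(b, guesses_per_second)
            for k, b in scenarios.items()}

if __name__ == "__main__":
    start = time.perf_counter()
    # Constructed passphrase and 4-byte address hash, for timing only.
    bip38_stretch("correct horse battery staple", b"\x00\x01\x02\x03")
    print(f"one guess on this machine: {time.perf_counter() - start:.2f} s")
    # Assumed attacker rate, set far above a single CPU to be pessimistic.
    for name, years in report(guesses_per_second=1e6).items():
        print(f"{name:40s} {years:.3g} years")
```
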