Using alphabet/number beads for private keys - page 2.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: casascius on December 26, 2011, 04:07:42 PM

Quote from: netrin on December 26, 2011, 04:05:15 PM

...the reason the public key is not used directly is so that the algorithm can be changed in the future...

that, and the public key is ridiculously long, over three times the length of a bitcoin address.

I'm hoping the firstbits becomes the 'standard' address... thus I've wondered if the hash is really a necessary middle-abstraction. We can convert the public key to base36 and refer to the firstbits (or ~10 character prefix before confirmation). Of course, that's probably too late now.

casascius

vip

Activity: 1386

Merit: 1136

The Casascius 1oz 10BTC Silver Round (w/ Gold B)

Quote from: netrin on December 26, 2011, 04:05:15 PM

...the reason the public key is not used directly is so that the algorithm can be changed in the future...

that, and the public key is ridiculously long, over three times the length of a bitcoin address.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

No worries. It's pretty abstract and technical stuff. But understanding it all should be necessary only if you are fascinated by the underlying tech. As far as I understand the reason the public key is not used directly is so that the algorithm can be changed in the future. Perhaps we'll need stronger keys. The hash address is only a representation of the key - whatever type of key that might be.

Otoh

donator

Activity: 3024

Merit: 1105

sry - I'm getting lost trying to get my head round this, I assumed that the public key was the btc address

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: Otoh on December 26, 2011, 03:41:55 PM

Quote

The typical address is a hash and truncated version of the ~~private~~ key.

OK got it & fxd ur typo

No. The address is a hash of the PUBLIC key. The public key is derived from the private key.

Otoh

donator

Activity: 3024

Merit: 1105

Quote from: netrin on December 26, 2011, 03:36:20 PM

You generally do not need to understand hashes and keyspaces. Only if you want to do funny things like generate private keys from beads worn around your neck. But if this were popular and well supported, you probably wouldn't need to understand that either.

At a high superficial level an address is much like your private key.

The public key is derived from the private key and looks nearly identical. The typical address is a hash and truncated version of the private key.

OK got it & fxd ur typo

casascius

vip

Activity: 1386

Merit: 1136

The Casascius 1oz 10BTC Silver Round (w/ Gold B)

The numbers on beads would scare me...if the chain breaks and the letters fall to the floor, the bitcoins evaporate.

A piece of paper wouldn't bother me much. Sure, paper fades, but I believe that means that whites turn yellow and color fidelity is lost, not that perfectly good documents turn into blank paper again.

I released an open-source utility (Casascius Bitcoin Utility) that allows you to compute the Bitcoin address that corresponds to any phrase in SHA256. It's for Windows. You must use a complex phrase for it to be secure. You can print it on paper, engrave it on metal, or whatever else you want. I sell a gold bar object (as OP knows), you could use a hand engraver to engrave a passphrase onto the back of it, then it would be clear that the object is bitcoins.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

You generally do not need to understand hashes and keyspaces. Only if you want to do funny things like generate private keys from beads worn around your neck. But if this were popular and well supported, you probably wouldn't need to understand that either.

At a high superficial level an address is much like your private key.

The public key is derived from the private key and looks nearly identical. The typical address is a hash and truncated version of the public key.

Otoh

donator

Activity: 3024

Merit: 1105

OK thanks, though I have no idea what 2^256 is until I start to google it, 6 months plus I've had bitcoins & assumed erroneously that the Btc private keys were very similar to the Btc addresses, for newbies this is quite a learning curve they have to master unless like me they are willing to just trust the exchanges to hold for them, I have only now just heard of & assumed what base-58 is which I guess is the A-Z, a-z, 0-9 chars that a private key in wallet import format are made from

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: Otoh on December 26, 2011, 03:16:04 PM

I've never had a need to look in to private keys before, just have https://en.bitcoin.it/wiki/Private_key & see that they're not just as simple as a Bitcoin address is, loads of different ways of showing them, most common seems to be the 51 chars starting with a 5 which I assume are drawn from A-Z, a-z, 0-9, i.e. from 58 total possibles that can be repeated

That is the wallet import format. The actual private key is simply a number between 0 and 2^256. To avoid transposing errors the "wallet import format" puts it into base-58 with a checksum.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: DeathAndTaxes on December 26, 2011, 03:11:47 PM

A deck of cards in random order (with cards representing values 1 to 52) has about 2^223 bits of entropy.... Optionally to prevent losing the key if someone changes the order you could write the place digit on each card.

You can pick up discarded casino decks with holes in them. Just loop some string through and tie it with a big knot, clearly marking the beginning of the deck.

What I do when not sitting in the sand on the beach though, is just symetrically encrypt (gpg -ca) any old file, take a random line, remove [0Oo1iIlL-/] and trim it down. Base58 is nice for writing down or embedding in pictures (screenshot of a text file stored on dumb mobile phone or printed).

Base58: 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz

No 0 I O l, zero, cap-I, cap-O, lower-L

Otoh

donator

Activity: 3024

Merit: 1105

I've never had a need to look in to private keys before, just have https://en.bitcoin.it/wiki/Private_key & see that they're not just as simple as a Bitcoin address is, loads of different ways of showing them, most common seems to be the 51 chars starting with a 5 which I assume are drawn from A-Z, a-z, 0-9, i.e. from 58 total possibles that can be repeated

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: Otoh on December 26, 2011, 02:56:25 PM

yes I see that I misunderstood, it'd be cool if a private key could be represented by the 52 cards in a standard deck but I guess it can't, how about a 78 card Tarot deck *goes to add up A-Z & a-z & 0 - 9* brb

Private key can be in many forms. The wallet import format is in base-58 but any 256 bit value can be a private key.

A deck of cards in random order (with cards representing values 1 to 52) has 52! ~= 2^223 bits of entropy. Granted that is a little less than a private key (2^256) but the address is only 2^160 bits anyways.

So one could shuffle a deck of cards, use their order to produce a 2^223 bit private key. Simplest way would be to represent each card as two alphnumeric sequence. Ad = Ace of diamonds. 7s = seven on spades. Record the order of the deck as a sequence of characters.

Example:
Ad7sJhKd3c ... 2s. You now have a 104 character string with 2^223 bits of entropy. Take SHA-256 of it and you have an private key compatible with Bitcoin.

The key would be represented by the order the cards are stored in the box. Optionally to prevent losing the key if someone changes the order you could write the place digit on each card.

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: Otoh on December 26, 2011, 02:56:25 PM

it'd be cool if a private key could be represented by the 52 cards in a standard deck but I guess it can't

YES, assuming you generated the key from the deck, other wise this would be such an annoying method of storing data, you might as well just write the key down on paper.

Anything is a private key. You can come up with a private key anyway you like with any set of characters (ultimately it's just zeros and ones). Casascius generates a short random string and then SHA-256-s it. So, "hello" SHA'd becomes 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 and that makes a valid key (except that "hello" is trivial to guess).

8♣ J♠ 2♥ 4♣ K♣ 7♦ 6♠ A♠ Q♥ 3♦
--->
8RV4DqKUfk
--->
c471543c4226726a3f7ff3604d75d3fafa68541fe051cad23654d15c68a04546

Otoh

donator

Activity: 3024

Merit: 1105

yes I see that I misunderstood, it'd be cool if a private key could be represented by the 52 cards in a standard deck but I guess it can't, how about a 78 card Tarot deck *goes to add up A-Z & a-z & 0-9* brb

EDIT: hmm, 58

Otoh

donator

Activity: 3024

Merit: 1105

Quote from: netrin on December 26, 2011, 02:50:03 PM

Quote from: Otoh on December 26, 2011, 02:49:08 PM

um, don't you need a 1 & 0 maybe?

um, no.

Nor, O, o, l, L, y, z

OK - so aren't those chars used in private keys, prob I didn't understand & it's for password generation & wouldn't work for private keys

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

Quote from: Otoh on December 26, 2011, 02:49:08 PM

um, don't you need a 1 & 0 maybe?

um, no.

Nor O, o, I, i, l, L, y, z, nor duplicates. This creates a new key or password, not model an existing one. You could mix multiple decks together, staple groups of ten to produce reasonably secure keys. Similarly with the beads, mix them all up and string up some bracelets.

Otoh

donator

Activity: 3024

Merit: 1105

Quote from: netrin on December 26, 2011, 02:37:46 PM

This reminds me of a password generator I came up with while soaking up the southern sunshine. Take a standard playing card deck (perhaps with distinct jokers, optional), then assign a character from ~base58 to each card. Shuffle them up and draw some cards.

Code:

2 3 4 5 6 7 8 9 10 J Q K A
♣ 2 3 4 5 6 7 8 9 A B C D E
♠ F G H J K M N P Q R S T U
♥ V W X Y Z a b c d e f g h
♦ j k m n p q r s t u v w x

um, don't you need a 1 & 0 maybe?

EDIT: & y z

netrin

sr. member

Activity: 322

Merit: 251

FirstBits: 168Bc

This reminds me of a password generator I came up with while soaking up the southern sunshine. Take a standard playing card deck (perhaps with distinct jokers, optional), then assign a character from ~base58 to each card. Shuffle them up and draw some cards.

Code:

2 3 4 5 6 7 8 9 10 J Q K A
♣ 2 3 4 5 6 7 8 9 A B C D E
♠ F G H J K M N P Q R S T U
♥ V W X Y Z a b c d e f g h
♦ j k m n p q r s t u v w x

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: coblee on December 26, 2011, 05:12:56 AM

Quote from: N.Olmos on December 26, 2011, 03:23:12 AM

Maybe you can use the larger 5.5mm silver plated beads for the uppercase and the lowercase and numbers can be the smaller 5mm beads.

Yeah, I thought of that too. So I plan to generate a mini key and then buy the beads I need from that site. Maybe add a few more random beads, so even if that website knew what I was doing, it would be quite hard to figure out my key.

Quote from: racerguy on December 26, 2011, 03:32:59 AM

can't you just use 'special' paper that doesn't decay? I'm sure I've heard of such paper that can last 100yrs at least.

The ink could fade even if the paper doesn't decay. Plus, water won't be a problem for beads unlike ink on paper. Fire will probably be a problem, but that's true for most things.

There is "paper" which is actually poly based. A thermal transfer printer with resin based ink on poly based paper is likely going to outlast you. Water is a non-issue the material will stand up to corrosive chemicals, bleaches, cleaners, abrasion, etc.

Still I like the idea of using beads. Honestly though I think if someone had access to a commercial laser cutter they could cut private key and QR code into aluminum cards (think credit card sized). That would also provide pretty reasonable resistance to age. The issue is they know the private key. With beads even knowing the digits used still results in trillions of possible combinations and more entropy can be easily be added by including random additional digits.

Likely not practical but casting custom beads out of a refactory metal (like Tungsten) would be ideal. Their high hardness, chemical inactivity, and high melting point means they will survive even the most harshest conditions (like structure fire). Tungsten's melting point is >3400C and most home structure fires tend to be less than 1900C.

http://en.wikipedia.org/wiki/Refractory_metals

Topic: Using alphabet/number beads for private keys - page 2. (Read 3628 times)