Pages:
Author

Topic: Wallet encryption "only" protects against spending? (Read 1426 times)

sr. member
Activity: 444
Merit: 250
I would use the default Linux encryption program; not Trucrypt.
Why?
Because Truecrypt doesn't come with Linux and has to be installed separately, using its own installation method separate from the distribution's packaging system. It's quite a hassle for just encrypting one file, when there are more standardized solutions bundled with the distribution, ready to use.
legendary
Activity: 1176
Merit: 1011
I would use the default Linux encryption program; not Trucrypt.
Why?

Note that TrueCrypt volumes can be easily backed up: simply copy or upload the container file. This is safe (even on non-secure remote storage) because a TrueCrypt container is already secure by nature.
newbie
Activity: 44
Merit: 0
I recommend truecrypt..
legendary
Activity: 2506
Merit: 1010
Is there a way to specify different directories for the wallet.dat and the block chain database, so you could store the wallet.dat on a truecrypt volume and the block chain unencrypted?

That had been proposed, but has not been implemented.

You can create a symlink to the wallet.dat on the truecrypt volume though.
sr. member
Activity: 344
Merit: 250
Is there a way to specify different directories for the wallet.dat and the block chain database, so you could store the wallet.dat on a truecrypt volume and the block chain unencrypted?
sr. member
Activity: 444
Merit: 250
I would use the default Linux encryption program; not Trucrypt.
Yes, I don't use Truecrypt myself, ended up using aescrypt for this. openssl is also an option as it supports aes password encryption of single files.
newbie
Activity: 14
Merit: 0
I would use the default Linux encryption program; not Trucrypt.
full member
Activity: 188
Merit: 100
what's an RPC ?
sr. member
Activity: 444
Merit: 250
DeathAndTaxes, that makes the encryption design a whole lot more understandable. I understand now :-)
donator
Activity: 1218
Merit: 1079
Gerald Davis
It also provides for a more useful platform for automation.  For example via RPC a merchant can get a unique payment address for a customer.  No password is necessary thus no password is at risk.  The website can run all day processing hundreds of orders and checking for funds and confirmations.  The password is only necessary to remove funds from the wallet.

This "warm wallet" approach presents a much smaller attack surface than either having a decrypted hot wallet or a wallet where the password is on the web server.
sr. member
Activity: 444
Merit: 250
The standard wallet encryption encrypts your private keys, and only your private keys. Your private keys are not necessary to tell how many bitcoins you have, since all transactions are public.

Yes, I stupidly meant public keys, not private keys. It seems to me that if the public keys were also encrypted, then someone who copied my wallet would not be able to tell what it's worth, at least not from the wallet alone. Granted, all the transactions are public on the blockchain, but they're not grouped together and linked to me like my wallet is to someone who stole it from me (yes yes, unless I publish my addresses because I want payments, and recycle it for all payments, but I don't do that).

You're all probably right that the attack I imagined is not very realistic, and there are other attacks in my threat model that I should be much more worried about. I'll keep that in mind. And it's certainly very handy to be able to browse the wallet with no password. But I'll still encrypt the whole wallet.dat with an external tool before backing it up to shared storage.
legendary
Activity: 1176
Merit: 1011
truecrypt isn't going to protect you from any of those attack vectors.  So if you want spent time and energy "protecting" yourself from imaginary attack vectors well go ahead.  As an alternative you can learn about real attack vectors and spend your time and energy making yourself better protected against them.
Wise words.

TrueCrypt is a very good security measurement, in case your laptop gets lost or stolen or whatever. But there's really no point in adding extra heavy locks on your front door, when your kitchen window is wide open.
donator
Activity: 1218
Merit: 1079
Gerald Davis
Worry about real attack vectors not fake ones.

No thief goes around reading wallets and then brute forcing the big ones.  If you have a strong passwords and you system isn't compromised in some other way brute force is pointless.  I don't mean pointless like man this is going to be hard pointless I mean the attacker will die of old age even if using an entire botnet for the next 5 decades pointless.  If your system is compromised (malware, or weak password) then a theif is going to steal your wallet even if it only has a couple bitcoins.

If you lose funds it almost certainly due to:
a) weak password.  Even w/ key hardening a weak passwords can be defeated by brute force or dictionary attack.  (If your password isn't on any password dictionary and is more than 8 characters containing a mix of symbols you likely are safe).
b) keylogger on your system (if you give the attacker your password it doesn't really matter how you protect the wallet)
c) bitcoin specific malware (such as the one that changes copied addresses to the attacker's address).
d) not maintaining recent backup (coins lost not stolen).

truecrypt isn't going to protect you from any of those attack vectors.  So if you want spent time and energy "protecting" yourself from imaginary attack vectors well go ahead.  As an alternative you can learn about real attack vectors and spend your time and energy making yourself better protected against them.
legendary
Activity: 1176
Merit: 1011
I just encrypted my wallet (reference client), and I would have expected it to ask me for the password as soon as it loaded the wallet on startup, but it didn't. Instead, it only asks when I try to send btc.
Note that this is a good thing. Now you can manage your wallet (see how much there is on your balance, get the addresses to transfer money to it from other sources, etc) without exposing your private key whatsoever.

The private key is ONLY necessary to make actual payments from that address. So it's good that it doesn't decrypt that key, until you actually make a payment.


And, again, the following is really NO concern whatsoever:
Quote
Then if it holds enough value, they can start brute forcing (however futile that may be, but whatever).
Don't worry, people would rather ignore your wallet and instead brute force some of the richest addresses out there (such as this one).

As it has been discussed in earlier topics: brute forcing is really, truly, positively, absolutely, definitely, one hunderd percent completely futile (with there not being enough energy and time in the universe and all...)


legendary
Activity: 1176
Merit: 1011
ive had a breach before and im now super paranoid  Undecided
Just out of curiosity (and being rather paranoid myself as well Smiley) - what kind of breach?
legendary
Activity: 4542
Merit: 3393
Vile Vixen and Miss Bitcointalk 2021-2023
Note that Bitcoin addresses and transactions are inherently public, and the only thing that's private (and the only thing which needs protecting with encryption) are the private keys used to sign transactions. Anyone who knows your addresses can see how many bitcoins you have, where they came from, and where they're going. Privacy is only achieved by the difficulty of associating Bitcoin addresses with real-life identities. You can encrypt your entire wallet using Truecrypt or EncFS if you really want to, but be aware that this might not provide as much protection as you think.

Just because some punk found a wallet.dat on my machine doesn't mean he needs to know what my private keys are, and thus how much the wallet is worth. He won't be able to touch them, but he was able to breach my privacy by snooping on my personal finance. If I had considerable funds, that may motivate him to install a keylogger on my machine or something.
The standard wallet encryption encrypts your private keys, and only your private keys. Your private keys are not necessary to tell how many bitcoins you have, since all transactions are public. There is no financial privacy (in the traditional sense of the term) when using Bitcoin. This is the price you have to pay for a zero-trust payment system. Since there is no bank or other trusted third party to verify transactions and account balances while keeping them secret, everyone needs to be able to see everyone else's transactions to prevent people from fraudulantly spending money they don't have. To protect your privacy, you need to ensure that your identity cannot be linked to your bitcoin addresses.

It is most unlikely that you will specifically be targetted by hackers if you have a considerable amount of bitcoins. You more likely to be targetted just for having Bitcoin installed at all, in order to get whatever little money you have. However, the chances of this happening are very low. In fact, I don't think anyone has ever had bitcoins stolen as a result of a keylogger being used to get the passphrase to a stolen wallet.dat file using the standard wallet encryption (though it's not impossible, and additional encryption is useless againsts a keylogger).

I was planning on using just the standard wallet encryption before backing up my wallet.dat to "the cloud", but having learned this, I'll wrap it in an additional layer. Thanks for the clarification, guys (and your great work, Gavin).
A good idea, just remember that encrypting your wallet isn't the whole story if you're worried about your privacy rather than just having your money stolen.

You can encrypt your entire wallet using Truecrypt or EncFS if you really want to, but be aware that this might not provide as much protection as you think.

What is this supposed to mean? I thought truecrypt was impossible to break if you have a long enough pass?
Correct. However, the OP's question indicates that he is concerned about keeping has balance secret, which is something that encryption won't help with if his identity can be linked to his addresses some way other than his wallet file.
sr. member
Activity: 250
Merit: 250
oh ok cool. all my containers are created on an offline laptop with FDE. just checking, you guys had me in a panic for a second- ive had a breach before and im now super paranoid  Undecided
legendary
Activity: 2506
Merit: 1010
You can encrypt your entire wallet using Truecrypt or EncFS if you really want to, but be aware that this might not provide as much protection as you think.

What is this supposed to mean? I thought truecrypt was impossible to break if you have a long enough pass?

If your system is compromised (e.g., malware that does keylogging), it is compromised -- truecrypt or not.
sr. member
Activity: 250
Merit: 250
You can encrypt your entire wallet using Truecrypt or EncFS if you really want to, but be aware that this might not provide as much protection as you think.

What is this supposed to mean? I thought truecrypt was impossible to break if you have a long enough pass?
Pages:
Jump to: