
Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 713. (Read 4670673 times)

legendary
Activity: 1512
Merit: 1012
Still wild and free
However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.

I doubt it. If enough people start doing that, password brute forcers will do it too, the same way they use combinations of words, phrases, common transformations, etc. All you are doing with these sorts of combinations is adding a relatively small number of entropy bits for the various ways that hash functions can be combined.

Key stretching does work but that relies on the hash function being slow, which is somewhat fragile long term.



Right, but this is just one example. The point is to have some semantic to apply to your password, that you never disclose. For me a mini computer program could do the trick but for somebody else it could be something else.
But this is not practical or advisable for the masses, I agree.

EDIT: in the example scheme of having N repetitions of hashing functions, it also has the additional personal advantage that I can choose roughly how much time I'll need to get my secret key. (Assuming I don't put my hand on ASICs for all hashing functions involved). So for an important brain wallet I can make it roughly 24h on a typical computer, and be sure I wouldn't spend it drunk.
legendary
Activity: 2968
Merit: 1198
However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.

I doubt it. If enough people start doing that, password brute forcers will do it too, the same way they use combinations of words, phrases, common transformations, etc. All you are doing with these sorts of combinations is adding a relatively small number of entropy bits for the various ways that hash functions can be combined.

Key stretching does work but that relies on the hash function being slow, which is somewhat fragile long term.

hero member
Activity: 795
Merit: 514
A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


False - it's possible, most people just don't do it.

And the ones who do occasionally forget their passwords, because they go so long without needing to recall it. It's possible but hardly practical.
legendary
Activity: 1512
Merit: 1012
Still wild and free
A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


Plain brain wallets don't, and I agree with discouraging anyone from using them.

However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.
Simple example, assuming my brain wallet is 12MD516SHAparmiggianoIsMySalt. (This is easy to remember if you read that word by word).
I would probably still remember, even after some years, that I have to find the secret key by applying 12 times MD5, 16 times SHA256, to that very password itself.
Code:
p="12RIPEMD16SHAparmiggianoIsMySalt"
for i in $(seq 1 12); do
  # 16 rounds of MD5, then one round of SHA-256, repeated 12 times
  for j in $(seq 1 16); do p=$(echo $p | md5sum); done
  p=$(echo $p | sha256sum)
done
echo "sk = $p" | cut -d ' ' -f 1-3
Ok, maybe I won't remember that I have to use nested loops, but since I created the scheme to start with, I wouldn't give up and keep fiddling around, testing a few things and would eventually find my secret key with coins on it.

Not that I encourage anyone to use this, this is simply an example showing that brainwallets can include more entropy than the sole characters they contain. They can include additional entropy due to a particular semantic you attach to them. The idea is to use a semantic that is obvious to you once you read (i.e., remember) the word, but hard enough that nobody can enumerate over it easily. Ideally you create your very own semantic for a handful of critical brain wallets (or for those you create in 2015, or...), and don't disclose your logic to anyone.
legendary
Activity: 2968
Merit: 1198
A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.
legendary
Activity: 1512
Merit: 1012
Still wild and free
A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

legendary
Activity: 2968
Merit: 1198
Once I lost (luckily small amount of) Bitcoin from address generated by some paperwallet site using 'brain wallet' shit option - custom phrase entered. So, in seconds after change from transaction went to that address it was withdrawn by some clever bastard owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

Given the stated use case above it should be safe, assuming you trust the manufacturer of the coin and the coin itself has been kept secure from disclosure of the coin ID.

A "strong" password helps a bit but most of the security comes from the coin ID itself.

Although....I'd suggest using slow hash for key stretching as the simplewallet password does. That all but precludes any useful brute forcing of passwords. I thought that was in the standard for physical coin keys, but maybe not.
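
Added example, not part of the thread: a rough accounting of the two ideas debated here, the bits a secret hash-combination recipe adds once attackers enumerate such recipes, and the per-guess work a slow hash adds. scrypt stands in for the slow hash (simplewallet's own function is not used), and treating the coin IDs as salt, the 2048-word list, and the recipe shape are assumptions of this sketch.

```python
import hashlib
import math


def recipe_bits(hash_choices: int, max_rounds: int, slots: int) -> float:
    """Bits added by a secret recipe of `slots` (hash, round count) pairs,
    once recipes of that shape are part of a guessing rule set."""
    return slots * math.log2(hash_choices * max_rounds)


def stretch_bits(n: int) -> float:
    """Conservative lower bound on the per-guess work added by scrypt with
    cost parameter n, expressed in bits."""
    return math.log2(n)


def derive_seed(coin_ids: str, password: str, n: int = 2**14) -> bytes:
    """Stretch the custom entropy into a 32-byte seed. Using the coin IDs as
    the salt and the password as the secret is an assumption of this example."""
    return hashlib.scrypt(password.encode(), salt=coin_ids.encode(),
                          n=n, r=8, p=1, dklen=32)


def effective_bits(password_bits: float, recipe: float, stretch: float) -> float:
    """Total guessing work in bits: the three contributions simply add."""
    return password_bits + recipe + stretch


if __name__ == "__main__":
    # Constructed scenario: 4 words from a 2048-word list (4 * 11 = 44 bits),
    # a two-slot recipe over 4 hash functions with up to 32 rounds each.
    pw = 4 * math.log2(2048)
    rec = recipe_bits(hash_choices=4, max_rounds=32, slots=2)
    st = stretch_bits(2**14)
    print(f"password {pw:.0f} + recipe {rec:.0f} + stretch {st:.0f} "
          f"= {effective_bits(pw, rec, st):.0f} bits")
    # Sample coin IDs and password in the format of the Cryptonic post.
    seed = derive_seed("1Fe58dA D7auQk6", "your_password")
    print("seed:", seed.hex())
```

In this constructed scenario the hidden recipe contributes the same 14 bits as an ordinary scrypt setting, and neither replaces entropy in the password itself.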



legendary
Activity: 1442
Merit: 1018
hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if i try to send funds, i get :

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed:

don't know what it is..is a trx of mine stuck in mempool?



Doesn't appear to be in a block yet:

http://moneroblocks.eu/search/aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd
sr. member
Activity: 453
Merit: 500
hello world
hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if i try to send funds, i get :

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed:

don't know what it is..is a trx of mine stuck in mempool?

legendary
Activity: 2268
Merit: 1141
Once I lost (luckily small amount of) Bitcoin from address generated by some paperwallet site using 'brain wallet' shit option - custom phrase entered. So, in seconds after change from transaction went to that address it was withdrawn by some clever bastard owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

I'm afraid, human brain is not good at providing uncrackable one.




Upd.: Shit it was not small, - I could have bought ONE monero for those satoshis. And they were stolen..

Generally not, just use the normal one. Custom entropies are risky and should only be used if you know what you are doing.
legendary
Activity: 1276
Merit: 1001
Therefore my question: is it safe to use custom entropy?

That's a bit like getting in a plane cockpit in flight, and wondering: is it safe to disable the autopilot?

For some, it will be. For most... it will be down to this:

I'm afraid, human brain is not good at providing uncrackable one.
legendary
Activity: 1750
Merit: 1101
karbo.io
Once I lost (luckily small amount of) Bitcoin from address generated by some paperwallet site using 'brain wallet' shit option - custom phrase entered. So, in seconds after change from transaction went to that address it was withdrawn by some clever bastard owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

I'm afraid, human brain is not good at providing uncrackable one.




Upd.: Shit it was not small, - I could have bought ONE monero for those satoshis. And they were stolen..
legendary
Activity: 1610
Merit: 1004
xpost from Cryptonic's thread: Now you can bind a Monero address to a physical XMR coin! Very cool.

Dear friends! Happy new year!

From now on Cryptonic physical Monero coins are little more than just collectibles.

Moneromooo has kindly added an optional user supplied entropy to his offline wallet generator. So now it's possible to use it with cryptonic coin IDs (and a password for more security) to create a cold storage associated with it.

https://github.com/moneromooo-monero/monero-wallet-generator/

https://moneroaddress.org/

There is a field Custom entropy. Just fill in your coin IDs and a password, for example:

Code:
1Fe58dA D7auQk6 your_password

...and click Generate wallet!

legendary
Activity: 1096
Merit: 1021
Can we simply import wallets and .keys from the old Monero client into Hydrogen Helix?

yes i copy/pasted them in Hydrogen Helix folder and when open with simple wallet just type refresh command and that is it.

Thank you.
legendary
Activity: 2730
Merit: 1288
Can we simply import wallets and .keys from the old Monero client into Hydrogen Helix?

yes i copy/pasted them in Hydrogen Helix folder and when open with simple wallet just type refresh command and that is it.
legendary
Activity: 1120
Merit: 1000
Can we simply import wallets and .keys from the old Monero client into Hydrogen Helix?
legendary
Activity: 2268
Merit: 1141
I have just re-synced from scratch the blockchain by new 0.9 release Win64 binaries. All things seem to be SUCCESS. Below I leave some number facts:

Total time to re-sync from scratch = 2h 25m
Maximum memory usage visible in standard Windows 7 task manager during re-sync = 60Mb
Overall Monero database files under c:\ProgramData\bitmonero = 7.6Gb

Simplewallet.exe has requested to import my wallet from old format - done instantly.

Note, 'refresh' command must be typed in simplewallet console to see up-to-date balance!

!!! MONERO DEVS CONGRATULATIONS !!!

I agree, the DEVS KICK ASS.

I have also just synced the blockchain from scratch using ver0.9 binaries released for Win64. All seems to be a SUCCESS for me as well.

Total time to re-sync from scratch = ~50mins




Very fast! Unfortunately, it does not happen as such on my PC (Windows 7 64bit). It took me 2 hours syncing 128k blocks (out of ~900k blocks)

Probably because you have an HDD, syncing is way faster with an SSD than an HDD.
sr. member
Activity: 453
Merit: 500
hello world
thank you fluffy, deleting the .bin helped. balances are in sync again now
legendary
Activity: 1624
Merit: 1008
2016-Jan-02 20:05:06.652046 [RPC1]ERROR C:/msys64/DISTRIBUTION-BUILD/src/cryptonote_core/miner.cpp:239 Starting miner but it's already started

Isn't this clear?

Your daemon is already mining. The wallet has commands to start and stop mining but once you start, as long as the daemon is still running it will continue to mine even after the wallet exits.



No it wasn't clear to me because that message was immediately followed by:

2016-Jan-02 20:05:06.652046 [RPC1]Failed, mining not started
as well as a similar message from simplewallet.

Also I always stop_mining before exiting but after checking things out it seems this time I didn't and just exited.  I had no idea you needed simple wallet to start and stop mining but not to continue to mine once started.


Signed, resident idiot
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
hi guys i have around 1k xmr that always stays locked and never gets unlocked.
i do not know if those 1000 are real or if they somehow magically summed up because i did send money to myself several times...

anyway, yesterday i transferred money to my cold wallet...later i realized it did not work, money was still here in my normal wallet..very strange, i rescanned everything and now have this crazy behaviour. this event shocked me, if i wouldn't have used rescan_spent i wouldn't have noticed it was not sent to my cold wallet. i hope this did not happen with my old hot wallet i deleted ..  Grin

don't want to open cold wallet to see what's up.

already did rescan_spent + rescan_bc, without success, the 1k stays locked, also if i wait over night.

any ideas ? i know people had similar problems but they didn't have a corrupted balance later no?

Two things that occur to me:

1. Can you try restore from .keys file rather than rescan, just to eliminate potential rescan bugs? Just delete the .bin and reopen it.
2. When you transferred did you get a txid? If so, did you check if it hasn't been mined yet (on a block explorer)?

It sounds like you might be rescanning whilst a tx is not (yet) mined, but that's just a guess based on the info.