Bitcoin Forum

Hey guys,

I thought I'd start experimenting with brain wallets to store some of my bitcoin in, so I went to the only place I know to do that. https://www.bitaddress.org/bitaddress.org-v2.9.8-SHA256-2c5d16dbcde600147162172090d940fd9646981b7d751d9bddfc5ef383f89308.html?culture=en

I tried a long quote of shakespeare, but the address came out invalid according to my smart phone wallet so I tried a shorter phrase - "There is no new thing under the sun"

I sent 0.001 here 14BwAbCRHJ7xbvG7GQFuxPgErJw6zXQdxQ and instantly it was relayed to this address which had 10BTC in it 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn

https://i.imgur.com/rFKT5Je.png

https://i.imgur.com/sp8FtVu.png

This is really scary that the funds were relayed instantly, I know its not the strongest phrase but there could only be two things going on here, somebody has generated a large database of popular brain wallets, or bitaddress.org is crooked.

has anybody else had this experience?

Can you make a brain wallet simple enough to be memorable and secure?

Thanks for your thoughts!

This.

You underestimate the power of rainbow tables...

You mean 'they' already got into that long passphrase?
Say goodbye to brainwallet

It's really not surprising that one of the most popular lines from shakespear is in a rainbow table for brainwallet.  There was a recent slashdot story about how to actually create a strong, yet memorable passphrase.  I think the OP would be interested in this as it addresses his concern.

http://yro.slashdot.org/story/15/03/26/2032259/generate-memorizable-passphrases-that-even-the-nsa-cant-guess

Thanks, interesting read. amazing how one word is the difference between 6 months and 3000 years.

You underestimate the power of exponential curves...

There's very little entropy in the phrase "There is no new thing under the sun" (In this context, I'd guess much less than 20 bits).  It's easily one of the billion phrases most likely to be selected for this use so it's not really surprising to see the funds instantly vanish.

Compare this with another eight-word phrase: "rebel twenty hotel solve zone arena dad east".  These words were selected randomly and uniformly from a list of 2048 words (https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt) using a secure RNG (you could use coins, dice, cards instead or in conjunction).  Unlike "There is no new thing under the sun", I can be confident that this precise string of words did not exist anywhere until this moment.  Before I revealed this precise passphrase it had, provably, 88 bits of entropy (so I'd guess it to have been about 300 billion billion times stronger).

Even then, I would recommend using something stronger still for a brainwallet.  While I occasionally use brainwallets with as little as 96 bits of entropy, I recommend a minimum of 128 bits to anyone that's not confident in doing the calculations themselves.  For reference:

• Casascius coin addresses have 128 bits of entropy and they're holding out well.
• A typical address as generated by Bitcoin Core contains 160 bits of entropy (about 4 billion times stronger than 128 bits).

Diceware, mentioned in tspacepilot's link, gives you about 12.92 bits of entropy per word so you'll want 10 words as a minimum and 13 words for maximum security.

Final note:  Now that I've posted "rebel twenty hotel solve zone arena dad east" online, it would make a poor brainwallet passphrase.  I wouldn't care to guess at its strength but it's certainly far, far less than 88 bits.

Thanks for this! helps a lot  :)