Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: chessnut on July 12, 2015, 01:58:20 PM



Title: Randomising Brain Wallet - idea
Post by: chessnut on July 12, 2015, 01:58:20 PM
Hi guys,

I'm a fan of storing bitcoin in a brain wallet, despite having learned my lesson rather brutally to make a ridiculously strong pass phrase. You can sleep at night knowing that whether your house gets flooded or burns down, or your computer gets hacked or stolen, your bitcoins will be safe. I like to make all my wallets brain wallets and import them into my MultiBit client.

So to make an extra secure passphrase I had an idea....

Take a reasonably good phrase, add some character, but it can be memorable. Generate your private key from that phrase. Now take your public key and pass it through the SHA algorithm again. You can do this as many times as you like within reason, as you know you will inevitably find your address with this method if you try one at a time.


I'm not sure how much security this method would add (apart from the number of times you rehash your public key), but my thinking is that for a computer to have to process the SHA algorithm for every brain wallet combination out there just a few times will drain plenty enough processing power to be impractical. I like this method because it's so simple and easy to remember, and you may use a memorable pass phrase within reason.

How much work would this add to the process of testing random brain wallets?

Thanks!






Title: Re: Randomising Brain Wallet - idea
Post by: BillyBobZorton on July 12, 2015, 02:19:20 PM
I don't fully understand what you mean. Why the public key only? At the end of the day what matters is the private keys, the seed of the wallet.
Anyway, I trust more having backups + backups online with a relatively secure password-protected file in several different providers than having to remember seeds. I just don't trust that my memory can serve me well for 20+ years without forgetting long passes.


Title: Re: Randomising Brain Wallet - idea
Post by: Kimowa on July 12, 2015, 02:27:58 PM
How do you use brainwallet? It's so complex :'(


Title: Re: Randomising Brain Wallet - idea
Post by: jonald_fyookball on July 12, 2015, 02:29:45 PM
It's all about how many bits of entropy you have. Adding a single character only adds a few bits of entropy. Hashing and rehashing also maybe adds a few bits. It's not a good substitute for a strong passphrase.

Not sure why you are trying to reinvent the wheel, just use a good source like an Electrum seed with measurable entropy, problem solved.


Title: Re: Randomising Brain Wallet - idea
Post by: scarsbergholden on July 12, 2015, 02:49:45 PM
How about DNA-like security for a wallet, with a DNA scanner or some sort of reader that reads your DNA signature? The only bad thing is if someone chops your friend or steals your blood, I guess it is no good.


Title: Re: Randomising Brain Wallet - idea
Post by: unamis76 on July 12, 2015, 03:06:39 PM
How about DNA-like security for a wallet, with a DNA scanner or some sort of reader that reads your DNA signature? The only bad thing is if someone chops your friend or steals your blood, I guess it is no good.

It's a good idea... That's unfortunately not possible to deploy in a cheap way to a huge number of Bitcoin users. The immediate future will rely on retina scans ;)


Title: Re: Randomising Brain Wallet - idea
Post by: blossbloss on July 12, 2015, 03:07:11 PM
chessnut,
Your approach is using a low "bits of entropy" passphrase, and then obfuscating it with a deterministic algorithm (in your case hashing keys). While it is unlikely that anyone will discover your secret any time soon, when bitcoin becomes more valuable there will be more "obfuscation algorithms" being checked automatically on low entropy passphrases. And laying out your general approach makes it easier to generate such algorithms. If you want to use brainwallets, spend the time to generate and memorize a truly random "high bits of entropy" passphrase. My recommendation is to use diceware.


Title: Re: Randomising Brain Wallet - idea
Post by: whizz94 on July 12, 2015, 03:19:56 PM
In 2006 the following got either cracked or bypassed by an authorised agency:
a Microsoft login password made from:
a word, followed by a 7 digit number obtained from a known randomisation algorithm applied to a four digit number, followed by a word.
Now, if they can do that, then 2 or 3 rehashes applied to an easy word is probably breakable nowadays.

I quite like the passphrase method used by electrum.

I don't like anything using DNA.  Does anyone know how many sequences of 200 or more bases in a human could also be found in the dna of a banana?  It just isn't the right sort of random until it has been rehashed so many times that you might as well use a bucket of bingo balls


Title: Re: Randomising Brain Wallet - idea
Post by: scarsbergholden on July 12, 2015, 03:27:13 PM

It's a good idea... That's unfortunately not possible to deploy in a cheap way to a huge number of Bitcoin users. The immediate future will rely on retina scans ;)

Yea, I like the retina scans idea. Going back on my thoughts now, we could use pretty much ideas from most movies nowadays. It would be really cool to have something like this in some future: https://www.youtube.com/watch?v=zZRSnk8AY6I


Title: Re: Randomising Brain Wallet - idea
Post by: Amph on July 12, 2015, 03:33:01 PM

It's a good idea... That's unfortunately not possible to deploy in a cheap way to a huge number of Bitcoin users. The immediate future will rely on retina scans ;)

Yea, I like the retina scans idea. Going back on my thoughts now, we could use pretty much ideas from most movies nowadays. It would be really cool to have something like this in some future: https://www.youtube.com/watch?v=zZRSnk8AY6I

A retina scan can be faked with a photo or a video; I think they talked about that. You need a retina scan plus movements of the eyes to be really safe.


Title: Re: Randomising Brain Wallet - idea
Post by: finder_keeper on July 12, 2015, 03:41:31 PM
If you are worried about the brute-forcing of sha256 brain wallets, you might want to consider warp wallet (https://keybase.io/warp). It uses a large number of rounds of scrypt, which makes even a simple 8-char alphanumeric password reasonably strong. For more security, it lets you add a memorable hash (e.g. your email address).

A simpler wallet backup scheme has a better chance of being actually reliable than a more convoluted one. Whatever you do, make sure you somehow document it in case you forget what you did. Also, leave behind enough information for your heirs so that they can recover your coins in case you become incapacitated.

-- FK
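
Added example, not written by any poster in this thread: a Python sketch that answers "how much work would this add?" by expressing key stretching as extra bits on top of passphrase entropy, next to a salted scrypt derivation of the kind mentioned above. The 30-bit phrase, the 1e9 guesses/second rate, the scrypt parameters and all function names are assumptions chosen for illustration, and the rehash is applied to the passphrase rather than the public key for simplicity.

```python
import hashlib
import math

def stretch_sha256(passphrase: bytes, rounds: int) -> bytes:
    """Iterated SHA-256. rounds=1 is the classic brain wallet private key."""
    digest = passphrase
    for _ in range(rounds):
        digest = hashlib.sha256(digest).digest()
    return digest

def stretch_scrypt(passphrase: bytes, salt: bytes, n: int = 2**14) -> bytes:
    """Memory-hard, salted derivation. n/r/p are illustrative values only."""
    return hashlib.scrypt(passphrase, salt=salt, n=n, r=8, p=1,
                          maxmem=64 * 1024 * 1024, dklen=32)

def diceware_bits(words: int) -> float:
    """Entropy of words drawn uniformly at random from the 7776-word list."""
    return words * math.log2(7776)

def effective_bits(entropy_bits: float, work_factor: float) -> float:
    """Attacker cost in units of one hash: stretching adds log2(work_factor)."""
    return entropy_bits + math.log2(work_factor)

def years_to_search(bits: float, guesses_per_second: float) -> float:
    """Expected time to cover half of a 2**bits search space."""
    return 2 ** (bits - 1) / guesses_per_second / (365.25 * 24 * 3600)

def report(rate: float = 1e9):
    """Rows of (scheme, effective bits, years) at an assumed guess rate."""
    weak = 30.0  # assumed entropy of a memorable, human-chosen phrase
    schemes = [
        ("phrase, 1x SHA-256", effective_bits(weak, 1)),
        ("phrase, 3x SHA-256", effective_bits(weak, 3)),
        ("phrase, 2**20x stretch", effective_bits(weak, 2**20)),
        ("6 Diceware words, 1x SHA-256", effective_bits(diceware_bits(6), 1)),
    ]
    return [(name, round(bits, 1), years_to_search(bits, rate))
            for name, bits in schemes]

if __name__ == "__main__":
    for name, bits, years in report():
        print(f"{name:30s} {bits:5.1f} bits  {years:.3g} years")
    # Same passphrase, different salt: unrelated keys, so one precomputed
    # dictionary cannot be reused across users.
    a = stretch_scrypt(b"correct horse", b"alice@example.com")
    b = stretch_scrypt(b"correct horse", b"bob@example.com")
    print("salted keys differ:", a != b)
```

Three rehashes move a 30-bit phrase to about 31.6 bits, while six random Diceware words start at about 77.5 bits before any stretching.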

Title: Re: Randomising Brain Wallet - idea
Post by: Quickseller on July 12, 2015, 03:48:36 PM
I like to make all my wallets brain wallets and import them into my MultiBit client.
I think this somewhat defeats the point of having a brainwallet in the first place. If you are going to make a brain wallet then you should keep it in your brain. By making a brainwallet, you are giving up one portion of security in exchange for another. You are giving up entropy in your private key in exchange for the possibility of your private keys being stolen by malware being generally removed.


Title: Re: Randomising Brain Wallet - idea
Post by: jonald_fyookball on July 12, 2015, 07:27:05 PM
I like to make all my wallets brain wallets and import them into my MultiBit client.
I think this somewhat defeats the point of having a brainwallet in the first place. If you are going to make a brain wallet then you should keep it in your brain. By making a brainwallet, you are giving up one portion of security in exchange for another. You are giving up entropy in your private key in exchange for the possibility of your private keys being stolen by malware being generally removed.

there is a trade off, that's true, but not the one you say necessarily. if done right the b.w. has high entropy.

With a b.w. you're getting protection from theft or destruction due to physical access to hardware or paper...plus you get greater access/portability, in exchange for the risks of physical attacks and coercion on your person, human memory failure, and possible difficulty in transferring the wealth to next of kin.


Title: Re: Randomising Brain Wallet - idea
Post by: johnyj on July 13, 2015, 12:16:07 AM
Something very easy to remember for you but impossible to guess or brute force for others... What if you are kidnapped? Get some bodyguards before doing this  ;D


Title: Re: Randomising Brain Wallet - idea
Post by: Herbert2020 on July 13, 2015, 11:33:43 AM
What is wrong with simply making a strong password out of random words?
Like what some wallets do with their "Seed": it is pretty secure and doesn't need any random character added in the middle.
For example, I only have my Electrum seed, which acts like a brainwallet for me anyway because I can restore all my addresses with just that seed.


Title: Re: Randomising Brain Wallet - idea
Post by: ranochigo on July 13, 2015, 11:59:20 AM
What is wrong with simply making a strong password out of random words?
Like what some wallets do with their "Seed": it is pretty secure and doesn't need any random character added in the middle.
For example, I only have my Electrum seed, which acts like a brainwallet for me anyway because I can restore all my addresses with just that seed.
Electrum seed is different from brainwallet. Electrum seed is generated randomly with 128 bits of entropy. Brainwallet is generated by the human brain and has the tendency of generating not so random passwords and can be easily cracked.


Title: Re: Randomising Brain Wallet - idea
Post by: jonald_fyookball on July 13, 2015, 12:57:00 PM
What is wrong with simply making a strong password out of random words?
Like what some wallets do with their "Seed": it is pretty secure and doesn't need any random character added in the middle.
For example, I only have my Electrum seed, which acts like a brainwallet for me anyway because I can restore all my addresses with just that seed.
Electrum seed is different from brainwallet. Electrum seed is generated randomly with 128 bits of entropy. Brainwallet is generated by the human brain and has the tendency of generating not so random passwords and can be easily cracked.

I don't agree.  A brain wallet's chief characteristic is that its primary keys can be generated from a passphrase, (regardless of how the phrase was generated).  So Electrum is also a brain wallet if you memorize the seed.