Bitcoin Forum

I have Bitcoin-QT with some coins in it, encrypted with a decently-lengthy password (11 chars).  From what I understand, a trojan built to steal my Bitcoins would have to have both a keylogger (to get the wallet password) and a file-grabber (to grab the wallet.dat).  How likely is this to happen, and has anyone ever seen such a trojan in the wild?

I know security through obscurity is generally looked down upon around here, but is there a way to point Bitcoin-QT to a wallet file that isn't named "wallet.dat"?  How?

Are there any other possible vectors of attack on an encrypted QT wallet?

Is there anything else I should be doing to better secure my wallet?

Keeping your bitcoins on securely produced paper wallets and only importing the ones you immediately intend to spend.

100% effective.  Second only to total abstinence from bitcoin.  You can never lose more BTC than you have online at any given time.

I would, but I am afraid of fire or forgetfulness wiping out my Bitcoin savings in such a case.

You could always make multiple copies and keep it in separate places (safety deposit box, home safe, etc.).  Cypherdoc (at the suggestion of someone else whose name escapes me) had a good suggestion of creating a paper wallet, covering it with construction paper, then laminating it.  It will not protect you from theft or fire obviously, but it does offer a greater deal of protection than just a piece of paper.

Your plan to keep your private keys in a an encrypted form in a wallet.dat file (even if you find a way to rename it) isn't any safer from fire or forgetfulness than that piece of paper.

For this I came up with encrypted paper wallets.

Put two copies in two safe places. Keep the encryption pass phrase in two or three safe places, one of which is your brain.

The encryption opens up so many options. Safes, spouses, safety deposit boxes, attorneys, family members.

I am happy with paper wallets. Fold it, with a piece of aluminum foil inserted, to protect the private key from prying eyes, and laminate. Two copies in two different, secure locations.

Casascius' encrypted keys work even better then alu foil, and offer additional possibilities - but I will wait for some additional scrutiny before I embrace them.

Keep a small amount on a machine as a security test.  If it goes you have a problem.

Yes it is... I could store it in my gmail or something, then access it no matter where a fire is (unless said fire is at Google, but I still have my local backup in such a case).

I suppose distributing them does make it easier... would it be any better than distributing an encrypted wallet.dat various places?  Why?

And if it doesn't go?  What happens when the problem comes later down the line?

I've always held less than 100 BTC (with one exception where I held ~500 BTC for a couple of days), and I've held it for almost 2 years on the same machine.  It's been safe so far, but that doesn't necessarily indicate safety for the future.

I'd like to bring this thread back to the QT client specifically, rather than focusing on paper wallets.  I understand paper wallets have their merits, I would just like to better understand the risks of the QT client and how those risks can be mitigated.

Decent anti-virus/anti-malware software; don't download random unknown/untested stuff.

Assuming that you don't have any old unencrypted copies of the wallet.dat sitting around anywhere, it sounds like you already understand it pretty well.  To steal/spend your bitcoins a potential thief would need both the encrypted private keys from your wallet.dat file and your password.  Electronically this can be done with a key logger.  I suppose it would also be possible to install a hidden camera that would record your keyboard to get the password.  Someone with that sort of access to your computer would probably be able to physically access your wallet.dat as well.  Same thing with looking over your shoulder while you type your password.

If we are talking really high tech, I suppose it might be possible to remotely record the sound of you tapping on the keyboard (laser picking up sound vibrations from your window?).  Using the rhythm, volume, and timing of your keystrokes, perhaps it would be possible to reduce the number of possible combinations to something that could be brute-forced?  If we want to think of this like a spy movie, I suppose someone could sneak in and clean all fingerprints off your keyboard just before you enter the room to send some bitcoins somewhere.  Then as soon as you leave they can identify which keys you hit by looking at the fingerprints?  A gun to your head might do the trick as well.

Thanks for the confirmation.

I'm not too worried about someone physically surveying me, but you never know.  If that's the case, I probably have much larger problems than my meager BTC holdings.  ;)

How is the encryption?  Are we talking 100's of universes of time to crack an 11-digit PW, or should I go with something even longer?

Type in the last five or so chars of you pass phrase with the on-screen keyboard, complicated put key logger proof  ;D (at least as far as I know)

I wouldn't be worried about the encryption being cracked.  I'd be far more concerned with creating a password that won't be cracked.  If your eleven digit password is 11111111111, I'd expect it to get cracked.  If you use an eleven character password , but only use lowercase characters (such as "mysecurepwd"), I'd still expect it to be cracked.  Add in some numbers and symbols, and now you are improving your chances of having a secure password.  If you really want it secure, use a completely random set of capital letter, lowercase letters, numbers, symbols/punctuation, and make sure that there aren't any "words".  Under those conditions, I'd expect an eleven character password to be beyond any current technology of cracking in your lifetime.  Want to be more sure?  Make it even longer.  Of course, the problem with such a password is it can be difficult to remember it if you haven't used it in a while.  This tends to people writing the password down.  If you are going to put the password on paper, you might as well consider paper wallets, since either way you are subject to the same risks and benefits.

Just today I started playing around with Armory (offline and online wallets) and at first glance it seems pretty impressive.

Disclaimer: I am not exactly a technophobe, but compared to most others on this forum I'm quite close. So if anyone knows of any potential pitfalls with Armory, I'd like to hear about them.

A reasonable compromise would be a passphrase with just one non-word, e.g. "This is my gP#m6ij_% password.".

On the topic of passwords, the usage of Unicode characters hasn't been frequently discussed. It certainly broadens the dictionary that the attackers would have to use, at the cost of potentially finding encoding problems that prevent its legitimate usage. But think of it, a single "ñ", "β" or "©" can completely change the game.

I specified that my paper wallet encryption scheme must use UTF-8, and included a test vector consisting of all Greek characters.  So at least there is an established definition for encoding Unicode passwords.  There's still the possibility for confusion with respect to composed versus non-composed characters, but don't think it will present a major issue (non-composed characters, as I understand it, are far more commonly used, and this is a function of the input method that has nothing to do with the wallet encryption in the first place)

I have a fresh install of Linux Mint on a Laptop that rarely touches the Net.
I use Armory and have a watch only Armory wallet on my Windows 8 machine.
I have multiple backups of my wallet in Truecrytpt containers... some in the cloud, some on a USB stick.
I feel pretty safe.

I wouldn't want bits of paper knocking around unless I had a fireproof safe.

Thanks.  The password certainly isn't something that will be cracked by anything but a non-pattern brute-forcer, but it's still short enough to be easily remembered.  I feel good about my chances then.

It's great software, I just hate the launch times.  First launching the QT client and waiting for that to load, then waiting for Armory to load on top of it...

Paper isn't even THAT safe inside a fire safe either.  Safer, but an intense house fire without intervention could have it brown to the point of unreadability.

I had a feeling that keyloggers will be the next biggest threat for BTC security

And on the other hand, the password management could really become a pain, sooner or later someone lost many of his coin permanantly because he just forgot one of his brainwallet password  ;D ;D

I do value convenience highly.  I do not currently have a large BTC balance, but if that changes in the future, I will obviously put more weight into the most secure solutions.

I don't really have any spare computers that don't touch the web... that's what you're talking about, right?  A spare machine that is always offline, and that you use with armory and a USB key to sign transactions?  Maybe I should build one out of spare parts... how much ram is required for an offline only machine?

3 Rules of Computer Security:

Do not own a computer; Do not power it on; and do not use one.

That's 30 characters.  So what you are saying is, "use a longer password"?


That's 28 characters.  So what you are saying is, "use a longer password"?

Thanks. I'm doing just about the same right now, and as I said, quite impressed with it. The whole process for signing an offline transaction does take well under a minute and having digital and paper backups for the wallets is very reassuring.

Ugh. Please check your math.

In[1]:= 11^94

Out[1]= 7778796406007058285951393811497112871791787694\
6029329123560958680818697236800243835465535478292041

In[2]:= 94^11

Out[2]= 5062982072492057196544

Bah! What a dumb mistake to make.  I know better too.  Sorry about that.  Can't believe I did that.  I've deleted the post, as the whole thing was based on that really bad math.

EDITED and re-posted to address a really dumb math mistake...

I'm familiar with the xkcd comic, OP was specifically asking about an 11 digit password.  My suggestion was to use a completely random set of capital letters, lowercase letters, numbers, symbols/punctuation which would provide 94¹¹ possible combinations.  That is approximately 72 bits of entropy, as such, it is about as secure as you are going to get with 11 characters, though still less secure than a bitcoin address (having 160 bits).  If you want your password to be as secure as a bitcoin address, you'll need at least 25 characters as long as it was a completely random arrangement of capital letters, lowercase letters, numbers, and symbols/punctuation since 94²⁵ > 2¹⁶⁰


P.S. Care to double check my math again 2112?  No guarantees that I haven't made another dumb mistake.

I'm just going to post here what I posted for jim618 in his Multibit thread.

OK quick question:

1) you have a dummy (empty) wallet.dat in .bitcoin so as your bitcoin-qt can stay up to date
2) you keep your real wallet.dat encrypted (say truecrypt) in a usb or maybe also on your mail or dropbox.
3) if you want to make a transaction:
    a) get your encrypted wallet
    b) decrypt it and copy it into .bitcoin
    c) make transaction
    d) replace real wallet.dat with dummy one

question: Is this secure enough or are you still in danger during the transaction (for as long as you have your real wallet.dat linked to bitcoin-qt)?

SK       

You would be better off doing this with a cheap dedicated device: http://youtu.be/1pDSzOiFgIk

Point taken ;),
Thanks Jan.