|
Title: Securing BitCoins Post by: cdc7270 on March 22, 2013, 01:31:32 AM Hello -- I am trying to create a secure offline wallet, which I will share the details below, but the one thing I do not know how to do is validate without bitcoin or other complicated software, online wallets, etc... that my private key will successfully access funds associated with a public key when that day comes. Does anyone know of how I might do this? Something like offline javascript would be fantastic -- or the algorithim if it's not too complicated to code quickly.
I believe my method satisfies the following: Don't need to trust anyone except a non-bitcoin-related website (such as lastpass.) Verify I will one day be able to access private funds. All this done without ever being on the internet. My procedure: 1.) Use a randomly generated password from a source such as lastpass. (or any other trusted source) 2.) Use this generated password AND bitaddress.org offline with the brain wallet tab. 3.) I would like to offline, validate that my private key works with my public key. (I'm hoping for a simple algorithm or offline javascript) 4.) Encrypt Private/Public Key and Encrypt original Lastpass Key and store in several locations OR just make paper wallets and store in several locations. 5.) Use blockchain and setup a WATCH only address with my public key. 6.) Receive funds to public address. 7.) Wait and see what happens with bitcoin. Title: Re: Securing BitCoins Post by: hdcafe on March 22, 2013, 01:39:39 AM print the private key onto papers. make 2 copies. save them separately.
more secure, to split the key and print on different papers. you still need 2 physical copies. ::) Title: Re: Securing BitCoins Post by: nimc on March 22, 2013, 12:03:13 PM 4.) Encrypt Private/Public Key and Encrypt original Lastpass Key and store in several locations You mean that you would encrypt the randomly generated strong password that Lastpass generated for you with some passphrase that's easy for you to remember? That would mean that you could be attacked by brute-forcing your passphrase instead of the strong password, so generating the strong random password wasn't helpful. You don't have to rely on external websites to generate passwords, you could take for example some identifier string of your choice like "mywallet01" and do sha256(passphrase+mywallet01) and use the resulting hash as the password for encrypting your wallet.dat, and then backup and store that wallet.dat at several locations. Title: Re: Securing BitCoins Post by: cobra-kai on March 22, 2013, 12:09:42 PM If I understand correctly, your question is really about point 3 on your list, i.e., you would like to verify as well as possible that your private key matches your public key, without making any transactions. Note "as well as possible", because of course the ultimate proof is actually performing a transaction. This can be performed on bitaddress.org, in the tab "Wallet Details". If you are paranoid about typing in your private key even if you are offline on a computer that is normally online, you can save the bitaddress.org web page on a USB stick, and open it on a dedicated offline computer, for example, since it is self-contained.
|