Bitcoin Forum

Bitcoin => Bitcoin Technical Support => Topic started by: fivemileshigh on September 30, 2012, 01:57:28 PM

Title: Security of Apple's encrypted dmg's
Post by: fivemileshigh on September 30, 2012, 01:57:28 PM
Hi guys!

I printed one copy of a paper wallet on a brand new offline mac installation, that only had tha saved webpage on it and the printer drivers. I then saved the pdf on an encrypted apple dmg image with a 20+ character password. Ejected the image, saved it on a stick, shut down, formatted and zeroed-out the drive, then uploaded the unopened dmg to dropbox, emailed it to wife/friends for safekeeping and saved it on various other media.

The paper copy is in a safe place.

I'm guessing I should be pretty safe, would anyone care to comment? Oh, OS 10.6.8 if it matters.

many thanks in advance.

Title: Re: Security of Apple's encrypted dmg's
Post by: casascius on September 30, 2012, 02:05:01 PM
For that much work I would have printed a long time supply of paper wallets instead of just one.

I am not sure what encryption is used in a dmg, nevertheless I would have done an encrypted PDF if it were me - knowing PDF uses AES - and because it would be openable on more machines while requiring a lower skill level to do so, just in case I need it openable by others. But that would be just me, and my needs may not be the same as yours.

Title: Re: Security of Apple's encrypted dmg's
Post by: DeathAndTaxes on September 30, 2012, 02:19:12 PM
Yeah the two concerns are future access and security. 

What is the specs of the closed source dmg format?  Who knows.  Does it have an easily exploitable cryptographic flaw? Who knows.  In 20 or 30 or 50 years will Apple still produce OS capable of using that file format?  Who knows.

While there is nothing wrong with how you make a backup, using an open standard (like an AES encrypted text file) would ensure higher future compatibility and the security is more transparent.

Title: Re: Security of Apple's encrypted dmg's
Post by: Revalin on September 30, 2012, 02:22:15 PM
I don't know how well DMG encryption has been audited. I reccomend using gpg or truecrypt which are both well scrutinized and available on all major platforms.

A 20 character password is sufficient if it is completely random but possibly not if it is from dictionary words. I reccomend against l33tspeak words which tend to make the password hard to remember faster than they add entropy.  Either use a short fully random key or use a long list of plain words.  Otherwise you will forget some bit of punctuation.

The rest of your process looks good for a highly paranoid approach.