|
Title: Personal 2-factor storing of private keys (10 BTC bounty) Post by: curious on January 30, 2013, 05:13:12 AM I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts?
Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email. Title: Re: Personal 2-factor storing of private keys Post by: Stephen Gornick on January 30, 2013, 05:36:41 AM I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts? Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email. Some related threads: Dead Man's Switch? - http://bitcointalk.org/index.php?topic=110353.0 Casascius "accidentally" creates a 2-party escrow GUI. - http://www.reddit.com/r/Bitcoin/comments/14j7wx pybtcsplit - m-of-n Private Key Splitting made easy in one simple python utility - http://bitcointalk.org/index.php?topic=104086.0 To generate a split key there is a new feature (v2.1) in the Vanity Wallet on bitaddress.org - http://bitcointalk.org/index.php?topic=43496.msg1421075#msg1421075That or how about just a password-protected PDF? That has the benefit of being completely usable by a layperson given only the file and the password. This also uses AES under the hood. - http://bitcointalk.org/index.php?topic=92374.0Lately I have been working on an iPhone app to implement a BIP 38 tool for the end user. - http://bitcointalk.org/index.php?topic=129317.msg1430037#msg1430037Title: Re: Personal 2-factor storing of private keys Post by: dancupid on January 30, 2013, 06:31:00 AM A simple non-techie approach, which I use, is to print out a paper wallet and then use this private key as the first factor.
Paste this into http://brainwallet.org/ passphrase field and then add your password as the second factor creating a new private key/address - send all your bitcoins to this address. You can allow some access to the original paper wallet, so you can safely store it in many places, with family members etc example. paper wallet address 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T private key 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS passphrase for brainwallet: 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hSthisismydifficulttoguesspass word producing address 1GuJmVpp4x1bhNoj67ngViEyk6Aa1yadVB - to which you can send all your stored wealth. Goes without saying that this should all be done offline on a fresh os install. Title: Re: Personal 2-factor storing of private keys Post by: paybitcoin on January 30, 2013, 07:00:46 AM Thanks BIP38 seems like what I want. But there doesn't seem to be an easy tool to do the encryption or decryption yet. I don't run Windows. :) And here's my dead man's switch: http://www.deadmansswitch.net/ There was a BIP38 bounty that Casascius posted a few days ago to implement it in javascript. There is now an implementation you can run here: http://scintill.github.com/bitaddress.org-bip38.html (go to wallet details) Also see this thread for more info: https://bitcointalk.org/index.php?topic=136651.msg1477914 Title: Re: Personal 2-factor storing of private keys Post by: paybitcoin on January 31, 2013, 07:32:15 AM I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38. Oops, didn't check the other thread first. Good luck! Title: Re: Personal 2-factor storing of private keys (10 BTC bounty) Post by: Vitalik Buterin on February 05, 2013, 11:19:46 AM Here's a script that lets you split a private key into N parts, of which any K can be used to reconstitute the original, where you pick the N and K when splitting.
https://github.com/vbuterin/btckeysplit |