|
Title: ECDSA, Dermanisitc wallets/addresses Post by: jubalix on October 21, 2013, 08:13:31 AM [1] Can anyone speak to the issue, if I use a deterministic wallet (eg electrum) and I spend from one address, then the ECDSA is all what is needed to be cracked, can that private key be used to access the rest of the address even though Unspent.
[2] Thus would it be safer if I use multibit or the QT- client, as the issue is in the random generation only but the second "vulnerability" is not an issue as those addresses are not deterministic. A follow on question [3] Where is the best place/software to generate the safest addresses keys (so the best random generator), as I like the electrum interface and could always import keys? [I don't really trust any web based generation mechanism, I imagine ot would have to be open source and the run on an air gapped computer] I have tried to raise this in the electrum sub boards, and the answer was not as definitive as I would have hoped. It would seem the return address feature was sufficiently needed for satoshi and others to include it in bitcoin. Thanks in advance. Title: Re: ECDSA, Dermanisitc wallets/addresses Post by: Dabs on October 21, 2013, 08:58:32 AM [1] Can anyone speak to the issue, if I use a deterministic wallet (eg electrum) and I spend from one address, then the ECDSA is all what is needed to be cracked, can that private key be used to access the rest of the address even though Unspent. [2] Thus would it be safer if I use multibit or the QT- client, as the issue is in the random generation only but the second "vulnerability" is not an issue as those addresses are not deterministic. A follow on question [3] Where is the best place/software to generate the safest addresses keys (so the best random generator), as I like the electrum interface and could always import keys? [I don't really trust any web based generation mechanism, I imagine ot would have to be open source and the run on an air gapped computer] I have tried to raise this in the electrum sub boards, and the answer was not as definitive as I would have hoped. It would seem the return address feature was sufficiently needed for satoshi and others to include it in bitcoin. Thanks in advance. 1. I like random wallets. 2. I like QT, and I think it is safer as far as wallets are concerned, provided you take all the other usual precautions. 3. I use vanitygen that allows compressed keys. You can also use bitaddress offline, but vanitygen is much faster and you can make 1jubalix keys if you wanted, for example. 4. It wasn't phrased as a question, but I use Coin Control so I can pick my change or return address. Title: Re: ECDSA, Dermanisitc wallets/addresses Post by: jubalix on October 21, 2013, 09:06:34 AM [1] Can anyone speak to the issue, if I use a deterministic wallet (eg electrum) and I spend from one address, then the ECDSA is all what is needed to be cracked, can that private key be used to access the rest of the address even though Unspent. [2] Thus would it be safer if I use multibit or the QT- client, as the issue is in the random generation only but the second "vulnerability" is not an issue as those addresses are not deterministic. A follow on question [3] Where is the best place/software to generate the safest addresses keys (so the best random generator), as I like the electrum interface and could always import keys? [I don't really trust any web based generation mechanism, I imagine ot would have to be open source and the run on an air gapped computer] I have tried to raise this in the electrum sub boards, and the answer was not as definitive as I would have hoped. It would seem the return address feature was sufficiently needed for satoshi and others to include it in bitcoin. Thanks in advance. 1. I like random wallets. 2. I like QT, and I think it is safer as far as wallets are concerned, provided you take all the other usual precautions. 3. I use vanitygen that allows compressed keys. You can also use bitaddress offline, but vanitygen is much faster and you can make 1jubalix keys if you wanted, for example. 4. It wasn't phrased as a question, but I use Coin Control so I can pick my change or return address. coin controll? is that a function of qt? Title: Re: ECDSA, Dermanisitc wallets/addresses Post by: Abdussamad on October 21, 2013, 03:37:08 PM You won't get a better answer than the one given to you by ThomasV in that other thread:
https://bitcointalk.org/index.php?topic=303969.0 Regarding coin control it can mean two things depending on context: - The ability to control which addresses make up the input of a transaction and where the change goes. - A special version of bitcoin-qt that allows you to do the above. Search the forum for more info. Title: Re: ECDSA, Dermanisitc wallets/addresses Post by: Dabs on October 22, 2013, 02:05:56 AM Yes, Coin Control allows me to pick which specific unspent outputs to use for my transaction, and also allows me to specify a particular address as the change address. This is optional because you can simply spend it all, and assign another address for the change even without this ability; it's just nice that it was included in the patch that I'm using.
I use the Coin Control by Cozz. https://bitcointalk.org/index.php?topic=144331 |