This indeed was way too easy. Because I made it easy enough to be cracked, hence the puzzle. So, even [...] if it wouldn't be purely based on security through obscurity (which it does), it still would be a worthless scheme.
It's not. It's not cryptographically secure, but it's still quite secure, depending on how you use it: With 2 dates in 1900-2021 range there are about 1 billion possibilities. With 3 dates it's 14 trillion, with 4 dates it's 158 quadrillion. Good luck cracking that. |
|
|
|
IMO 7 days is quite short since he use free (?) API and single-thread software.
Because I gave out hints it's only 2 dates and in 1900-2021 range, to make it easy. |
|
|
|
BIP39 is neither security by obscurity nor does it leak plaintext bits. It's an easy way to store your wallet's seed; it doesn't leak anything because it is "the leak". I employ this same simple and easy way to store the seed words, not random 100-300 character Base64 encrypted gibberish. You still don't get it. These are neither 100-300 chars Yes they are, 128 in the example above by AES256 encrypting 12 mnemonic words with the password "blabla". Are you blind or intentionally obtuse? It doesn't make any sense to create a shitty and insecure shift-cipher (which has to be taught how to use) instead for example just a BIP39 passphrase. Most proper wallets can handle this. Most wallets generate your 12-24 seed words for you, without the possibility of using a passphrase, so no. This is meant for those cases. So you've got 3 options: 1. write the seed words as is; 2. write them cryptographically securely encrypted as 100-300 character gibberish; 3. write them down not cryptographically securely encrypted but in easy human-readable BIP-39 words that are still realistically impossible to crack without knowing the method used, which still gives you plenty of time to recover your funds in case of theft. Do you get it now? (well there is the 4th option of buying a TREZOR/Ledger and moving all the funds there) |
|
|
|
I don't to visit any website. I know how AES works behind the scenes. I don't care what a random website outputs on an arbitrary input. LOL. No, it doesn't. Check openssl for example. It comes with literally every linux distro out there. Yes it does. Windows does not come with it, so you have to download it or similar software. Stop pretending only Linux exists and that everyone uses or knows how to use Linux. As shown in my previous post, a 12 word mnemonic results in 48 byte which can be easily represented by 48 characters. openssl enc -k blabla -aes256 -base64 -e -in seedwords.txt -out encrypted_seedwords.txt: U2FsdGVkX1/boCM0jlccYHbJiy9dEc0fko5UiDWHTIY/au62xL802na5+2osDm7I
3VZ9JuwDob0mK3lT5ygY1ypkm0/Hp+1fsor3kWtzK/E0AE6Bd50n7YFYlvGmnQp4 128 characters. Now just let me explain to my mother how to make a bootable Linux distro and run the above openssl command in reverse, noting to remember to use aes256 and not aes192, aes128, etc. Easy. That is one reason why it is bad.
Another one is that it leaks bits of the plain text.
Any of these 2 reasons is enough to deem that as a bad design. So BIP-39 is a stupid and bad idea, saving the wallet's key in an easy and human readable format? It's not.
Simply cryptanalysis and even bruteforcing is enough to break your "scheme". Yes, after I provided the exact algorithm and hints to make it crackable. Once again: If I just came here and said "crack this, it's encrypted, good luck lol", absolutely nobody would be able to do it, because the possibilities I could have used to encrypt it are endless. It'd be the same as trying to brute-force Satoshi's private keys.
Just stop pretending your "mechanism" is good. It is not even close to being acceptable.
Still not getting it and missing the point. Your alternative is to write down 100-300 random characters on a piece of paper (have fun with that) and then require your family to be above-average computer literate to be able to decrypt it. This is exactly why BIP-39 was made, to avoid having to do that, and to write down your wallet's key in an easy and human-readable format. But yes, a better and cryptographically secure (which mine isn't, and I never claimed it was) way would be if there was an accepted standard to convert AES encrypted text into BIP-39 words and write it down that way. But even this way would require extra computer knowledge to decrypt, not something your Average Joe would know how to do. Again, mine is simpler and can be done by hand. A trade-off for simplicity. |
|
|
|
Why don't you just use BIP 39 passphrase, then save the seed words on crypto.txt without the passphrase itself?
Most wallets do not offer that possibility, they generate a 12, 15, 24 word wallet for you. Of course using TREZOR/Ledger with a passphrase is safer, but you could even use that AND date-shift encrypt it for EXTRA security. |
|
|
|
To be honestly, i couldn't care less about your approach and whether your mom will understand anything.
My only concern here is that others might believe this is a gOoD iDeA. That's the only reason i am commenting here. I absolutely don't care about you and your BTC. So when you realize you're talking bullshit and making things up on the fly "jUsT uSe yOuR oS tO eNcRyPt tHe SeEd WoRdS" you just resort to petty remarks and say how you couldn't care less. Hurr durr. Just be honest and admit you're talking out of your ass. AES is a Block Cipher which works on 16 bytes blocks.
Assuming a 12 word mnemonic code, that's 132 bit (=16.5 byte) which results in a 32 byte output. If you want to store the IV together with the cipher text, that would be another 16 byte resulting in 48 byte in total.
That's nowhere close to "100-300 gibberish characters".
A 24 word mnemonic would result in 16 more bytes (a total of 64 bytes). Go to https://aesencryption.net/ (something my or your mom would find on the internet), input the seed words, encrypt, count the number of characters. Now, instead of trying to call other people out on "not getting it" where "it" equals your shitty approach every sane person in the crypto scene wouldn't even touch with a stick, learn the fundamentals. Only then, we can start talking about encryption schemes and security in general.
But you actually still don't get it because you have your head so far up your rear end and you're entirely missing the point: the point is to write down the seed words on a piece of paper and also allow family members to easily access your wallet if anything happens to you. You can either write it down in plain-text, which is not a good idea because any thief finding the paper can steal your funds, or, encrypt the seed words in some way to prevent that from happening. Your pRoPosEd method either involves a) external/online software to do, b) storing it digitally in a file for easier copy-paste into said external software, or c) writing down 100-300 random hard-to-read Base64 characters on a piece of paper, case-sensitive, and hoping for no human error when typing it into said external software (and on paper!). My method doesn't involve external software, you can encrypt/decrypt by hand, you can write it down in easy human-readable words, it can provide plausible deniability and yes, security through obscurity (you wouldn't know whether the seed words I wrote down are encrypted (or how), mistyped, or (as long as the last word is a valid checksum) if I send a small amount of decoy crypto to that wallet, that's all you'd think there is). A wrench attack is the only thing my method is really vulnerable to, because it's obviously crypto seed words the paper holds (hence I also made this easy way to obfuscate the seed words by mapping them to their Traditional Chinese BIP-39 Unicode counterparts: https://github.com/mifunetoshiro/bip39_obfuscator), whereas AES encrypted gibberish gives you greater protection in this regard. A trade-off for easier and more human-friendly storing and recovering of crypto ( the very reason why BIP-39 got made, lol. And in any case, the only reason somebody was able to crack this puzzle was because I gave out the exact encryption algorithm and numerous hints to make it intentionally easier. If I just came here and said "crack this, it's encrypted, good luck lol", absolutely nobody would be able to do it, because the possibilities I could have used to encrypt it are endless. It'd be the same as trying to brute-force Satoshi's private keys. |
|
|
|
Who said anything about online services?
You do trust your Operating System, right? Then just use the built-in tools. As easy as that. Ok, encrypt bacon bitter goddess sheriff differ kit sock stomach rhythm skill trade drastic with password "bla" on Windows 10 without downloading external tools, and then also decrypt it. Let me see the how-to so even my mom can understand. And you also don't need 100-300 gibberish character, it seems you still didn't get it. Just read my last 2 posts again. You can use the same secret which in your case are a few dates. No additional characters. You still don't get it. AES encrypting the seed words will produce 100-300 gibberish characters that you need to write down on a piece of paper, case-sensitive. Saving them in crypto.txt on my mother's computer is a bigger security risk, even though the encryption is better. |
|
|
|
So, what was the method used to solve the puzzle?
Waiting for a write-up from the guy who solved it. |
|
|
|
You didn't get it.
First, you could just write that down.
"Dear mother, decrypt the following thing by pasting it into the software called XXX on my PC: ..."
Second, that is not what i wrote.
Your secret data you have used for the shift cipher were some dates.
You could use exactly these dates (the secret information) as a key in an AES cipher. That would be already way more secure than your approach since it wouldn't leak anything about the plaintext at all.
And when decrypting, that is exactly the same effort (Taking secret info X and doing Y).
I think it's you who didn't get it... With my method you don't have to rely on any external software or use online services (and risk theft) to decrypt anything, you can do it by hand. And with my method you can simply write down 12-24 BIP-39 words, not random gibberish 100-300 characters. The point is to write them down on a piece of paper, not store them on a computer in crypto.txt that my mother has access to and can simply copy-paste it. That's just extra risk right there. |
|
|
|
Well if someone is not capable of filling out 2 textboxes in a UI (one with the words and the other with the passphrase used) then they also won't be able to use any other method such as your shift cipher which requires the same 2 inputs (mnemonic and a date)!
And risk using these online encryption/decryption services who may save the results and steal funds as well? With my method you can do it by hand, you don't need any script. |
|
|
|
|
So AES encrypt the seed words with a password, then encode the encrypted text as seed words, so to get my original seed words I have to 1st unencode the encrypted text and then decrypt the encrypted text with a password.
Yes, I'm sure my mom will figure that one out.
|
|
|
|
|
The puzzle has been solved!
I will give out more details later!
|
|
|
|
It is way less secure than using a strong cipher with the same secret data.
Your mechanism leaks bits of the plaintext, which is always bad.
You could have just used your 4 dates or whatever shit you are using and use a proper encryption cipher.
Then no single bits would have been leaked and you'd be pretty fine.
See: How do I explain to my mother to AES decrypt "71TjQQYPkadCq8qUA6Lqt7FhUBEjPSzgDSbBA6spbtD/j8v3JXp9Vpco0H8rS/TK2/IOMS0aHF5QIyLihGuP2dSgdoKdyDrb82O72tNPdT4=" and ensure to type it out correctly?
Birthdays and anniversaries everyone remembers, and with 24 seed words you can shift it with up to 8 dates. Never said it's unbreakable, but it's not easy to break either, it gives you plenty of time to react in case of theft and it's simple enough by knowing the dates to do it by hand.
The point ot mnemonic keys is to be able to write them down easily on a piece of paper and recover them if needed, both by yourself and your family if anything happens to you. You really expect anyone to write down 100-300 random characters (or even engrave them on metal plates) and then think your family members will know how to decrypt them? It's pretty much guaranteed your crypto is gone if you die if you use this approach. Some of us actually thought about these what-if scenarios to ensure our families get a piece of the pie if something happens to us. Do whatever you want.. when storing 20$, no one will care. You could also just store it in plaintext.
But in the real world you wouldn't know how much crypto a wallet holds. What if it's thousands or millions? |
|
|
|
Could you confirm that coins are not BTC on the first address of the first account (m/44'/0'/0'/0/0)?
Yes, I can confirm that. |
|
|
|
No, it's still safer than writing down your seed words in plain text, there's no debating this, otherwise this puzzle would already be solved. The obscurity is still there, because in the real world you wouldn't know what method someone used to encrypt their seed words. Here in this controlled environment I gave out the exact algorithm used and hints and still nobody solved it. In the real world you wouldn't know any of this. If I just posted an encrypted seed word mnemonic here without the method I used and without any hints whatsoever it would be impossible to crack, same is when a thief comes across your encrypted mnemonic. I know about using an extra passphrase, as I wrote on github: The purpose of this is to be able to safely write down your mnemonic seed words, not having to worry about a thief stealing your private keys, and in case something happens to you, allow your family to regain access to your wallet without needing to know a complex passphrase (TREZOR/Ledger), as all they need to know is the dates you used and the method to decrypt the words (pretty easy if it's in-family birthdays). Gather them around the table and do a couple of examples by hand. If you have a TREZOR or Ledger hardware wallet, having a complex passphrase as the "25th" word is more secure, but the more complex the passphrase is, the easier it is for your family or even you to not remember it at all (unless you wrote it down, which is a security risk in itself). If something were to happen to you, having a simpler passphrase (such as names or birthdates) would make it easier for your family to remember and access your wallet, and you could use both a passphrase and encrypt the seed words with a date shift cipher for extra security. MetaMask for example does not support the 13th/25th passphrase, so if someone has a MetaMask seed how would you safely write it down? Most wallets generate 12 or 24 seed words without the possibility of adding an extra passphrase, how would you safely write them down? My method works and is secure. |
|
|
|
It looks more like security through obscurity. As I wrote on my github: Note that the encrypted words/numbers are not cryptographically secure, as they can be bruteforced to get the original words, but they do give you some protection from the common thief and some extra time to react in case of theft, etc. Is the above true? Yes. Is it safer than writing it down in plain text? Yes. |
|
|
|
|
Remember also that not all seed words generated are valid, the 12th/24th are checksums, so if it fails the checksum test it's obviously not the right mnemonic seed/date.
|
|
|
|
|
It means it could be BTC or ETH or both.
|
|
|
|
|
Show Posts
