Bitcoin Forum
281  Bitcoin / Bitcoin Discussion / Re: How much hashing power should one reasonably expect an attacker to have? on: August 11, 2012, 06:07:52 PM
A random salt from a range with x values has the same computational requirements as a recursive hash with x rounds.

Even 100K is likely sufficient for your needs but modern CPUs are much faster than you are thinking.  Throughput is in the millions of hashes per second.  If you are willing to wait minutes you could make the salt say a random 32 bit int.    Remember it will take you the same amount of time for every typo or misremembered passphrase too.

Still there really is no value of doing it this way over a recursive hash.  Given recursive hash functions like PBKDF2 are well researched and extensively used I would always go with that option over any type of "roll your own" cryptography.
Actually, wouldn't it have somewhat fewer computational requirements?

If x = 4, the recursive hash has to go through 4 iterations.

However, the random cracker has a 1/4 chance of getting it the first time, 1/2 in the second or first one, and so on. 

Not that this is a good thing from a cryptographic point of view, but, you know.

Doesn't recursive hashing reduce entropy?  I assume the difference is probably too small to matter, though.  I don't know, I guess I just like the idea of requiring some randomness to access the coins.  If I did it that way, I could have a lot of different addresses in my wallet all using the same key.  Of course, the same thing is possible just by adding more hashes for new addresses.

Thanks for the insight.
282  Bitcoin / Bitcoin Discussion / How much hashing power should one reasonably expect an attacker to have? on: August 11, 2012, 05:40:18 PM
I've still been thinking about brainwallets, and I wondered about this.

Basically, I'm thinking that I can use a relatively short memorable password of the correcthorsebatterystaple variety with a strong strengthening algorithm.  I know the tradition is to use recursive hashing, but I was thinking more like a random salt within a limited range.

Basically, I'd have an address, and my password.  In order to find the private key, I'd have to have an algorithm try, say, a million different salts until it finds a result that matches the private key.

What I want to know is whether or not a million is a good number.  I'd like to be able to access my coins from an average computer using cpu only in < 10 minutes while slowing down attackers as much as possible.

Would this work?  How many salts would I need?
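An added example, not part of either forum post: the discarded-salt scheme from the two posts above, sketched in Python so its cost can be compared with PBKDF2, the iterated hash recommended in the quoted reply. The salt-then-passphrase layout, the `commit` stand-in for the Bitcoin address, and the small salt range are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SALT_RANGE = 4096  # constructed value; the post suggests about a million


def derive(passphrase: str, salt: int) -> bytes:
    """Candidate private key: SHA-256 over salt || passphrase (assumed layout)."""
    return hashlib.sha256(salt.to_bytes(4, "big") + passphrase.encode()).digest()


def commit(key: bytes) -> bytes:
    """Stand-in for the public address (assumption, not real address encoding)."""
    return hashlib.sha256(b"addr" + key).digest()


def create(passphrase: str, salt_range: int = SALT_RANGE, salt=None) -> bytes:
    """Pick a salt in [0, salt_range), publish the address, discard the salt."""
    if salt is None:
        salt = secrets.randbelow(salt_range)
    return commit(derive(passphrase, salt))


def recover(passphrase: str, address: bytes, salt_range: int = SALT_RANGE):
    """Search every salt. Returns (key, salts_tried); key is None on failure."""
    for tries, salt in enumerate(range(salt_range), start=1):
        key = derive(passphrase, salt)
        if hmac.compare_digest(commit(key), address):
            return key, tries
    # A typo or a wrong guess always pays for the whole range.
    return None, salt_range


def expected_tries(salt_range: int) -> float:
    """Mean salts tested for the CORRECT passphrase with a uniform salt."""
    return (salt_range + 1) / 2


def pbkdf2_key(passphrase: str, salt: bytes, rounds: int = SALT_RANGE) -> bytes:
    """The iterated alternative: every guess, right or wrong, costs `rounds`.
    The rounds are sequential; the salt search above can be split across cores."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, rounds)


if __name__ == "__main__":
    addr = create("correct horse battery staple")
    print("right passphrase:", recover("correct horse battery staple", addr)[1])
    print("wrong passphrase:", recover("correct horse battery stapel", addr)[1])
    print("mean for right passphrase:", expected_tries(SALT_RANGE))
```

The early exit only helps on the one guess that is correct; every wrong guess in a dictionary search costs the full range, so the per-guess cost is close to that of an iterated hash with the same count.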
283  Bitcoin / Bitcoin Discussion / Re: Will deflation be the fatal weakness of bitcoin? on: August 08, 2012, 10:39:39 AM
There is one weakness of it, which I hope someone can invalidate. Suppose I'm a car-dealer and I buy 1 car for 100 BTC from my supplier. By the time I can sell it to a customer, I can only ask 95 BTC for it, because of deflation. Now everyone argues that isn't a problem, because the prices at my supplier also have dropped with the same amount, so I can buy a new one there for 95 BTC, and again have 1 car in stock, and don't suffer any losses. But if I did absolutely nothing I would still have 100 BTC, so why should I work hard as a car-dealer instead of hoarding?

I can't see why this would be good for Bitcoin. People said that it's good because it forces merchants to keep their stocks low, or produce goods only on-demand. But then you're asking merchants to change the way they have been doing business for decades, which seems unlikely to happen.

So how can Bitcoin solve this problem for merchants?
I don't see why that seems unlikely.  The car-dealer will realize that buying stock he can't sell at a profit is a bad investment, and will adjust his practice accordingly.

Besides, if the merchants are more comfortable doing business in more traditional currencies, no one's going to force them to use bitcoin.  It seems to me that most of the talk about inflation/deflation becomes irrelevant as soon as we let go of the idea that currency has to be a monopoly.
284  Bitcoin / Bitcoin Discussion / Re: Recurring Payments with BTCs on: August 08, 2012, 10:23:00 AM
Repeating payments would be a risky proposition with the bitcoin value as unstable as it is and with bitcoin being irreversible.  You tell your wallet to send a payment of 1 BTC every month, but what if there's a sudden spike or drop in value?  What if the site is hacked and their wallet is hijacked, but you don't get the notice in time?

I think the best solution is simply for bitcoin businesses to use a prepay model.  When I was in China, everything was prepaid.  Cell phone service, apartments, electricity, you name it, and it greatly simplified a lot of things, especially for a non-citizen like me.  When the customer runs out of credit, the service is stopped.  It's a little inconvenient when services were interrupted unexpectedly, but pretty soon you learn not to let your services expire.

285  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 07, 2012, 02:00:46 PM
I'm not really sure what benefit a "cheat sheet" offers. I like to think of a brain wallet as something you can use in a prison without internet access or something to cross borders with nothing in hand. It's not that I want something "torture proof" because that's just unrealistic, but having a little extra security never hurt.
I just want to have a backup in case my memory fails without compromising too much security.

As I said, I'm intrigued by the idea of using guess-and-check for additional security like retep touched on.

How about this.  Instead of a huge sprawling list of questions, we limit it to smaller number x.  We then run an algorithm that makes a random combination of y (repetition allowed) keys and a random iteration# within a fixed range and generates the address based on that but doesn't store the combination.  When we want to retrieve the private key, we have to run an algorithm to brute force the correct combination of keys.

Memory failure?  Check.  The keys could be answers to personal questions and the algorithm could be recorded in a semi-secret way.
Random dictionary attack?  Check.  The hash key will be too long.
Finding the list and brute forcing the answers you don't know?  Check.  The existing brute force makes this impractical.

This would be much more secure than my first idea, and much easier to remember too.

The only question would be the optimal values of x, y, and iteration range.  Hmm...
286  Other / Beginners & Help / Re: Most user friendly client? on: August 07, 2012, 12:26:27 PM
Seconding  That's what I use most of the time.
287  Other / Off-topic / Bitcoin rites on: August 07, 2012, 09:32:31 AM
(Disclaimer: Not meant to be taken seriously.)

Money has figured into the religious and funerary rites of many cultures throughout history.

The ancient Greeks would place a coin into the mouth of the deceased for Charon.

The Egyptians have been plagued by tomb-robbers throughout their long history.

Even today, many Chinese people burn Joss paper as offerings to both the gods and the spirits of the departed.

How might bitcoin bring customs like these into the digital age?

I propose that each of us creates a special "funeral address" and burns the private key.  The funeral address will be placed in our will, to be later carved into our tombstone.  When one of us dies, each of his friends and relatives will send a certain amount of BTC to this address to express their grief.

We can revive the practice of burying treasure with the dead, except this time we won't have to deal with grave robbers.

Any other ideas for how bitcoin can bring new life to ancient traditions?
288  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 07, 2012, 06:56:16 AM
Yeah, I've considered the possibility that someone targeting me could brute force the answers they don't know.  I think that choosing the questions carefully, so that at least some of them have a large number of possible answers will help.

That is a really interesting idea.  It never occurred to me to make some guess-and-check a necessary element of retrieving the coins.  I need to think about the implications of this.
289  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 06, 2012, 12:41:26 PM
retep -

If that works for you, more power to you.  I won't deny that it is possible to commit a large amount of information to memory in a fairly short time.  I just don't trust myself enough to rely on that to hold a secret without a backup.  If you get confused over one character, your coins may be lost forever.  The mental anguish that would put someone through just isn't worth it to me.

Then put a copy in your safe deposit box. Heck, encrypt it with the key of someone you trust. It's a perfectly legit solution.

The point is, all these crazy salting schemes people are coming up with probably aren't going to work, and on top of that, what if you forget the scheme? Why not just do things right and practice in the first place?
What makes your method "right"?

I never said it wasn't a legit solution, it's just not for me.

As I said before, the plan is to write down the "scheme" in multiple places, and consult the record when necessary.
290  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 06, 2012, 10:37:57 AM
retep -

If that works for you, more power to you.  I won't deny that it is possible to commit a large amount of information to memory in a fairly short time.  I just don't trust myself enough to rely on that to hold a secret without a backup.  If you get confused over one character, your coins may be lost forever.  The mental anguish that would put someone through just isn't worth it to me.
291  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 06, 2012, 04:05:39 AM
cbeast - Could you expand on that?  I'm not sure I understand.  Does it involve hypnosis or dream hacking?
Drugging travelers with Devil's Breath or similar substances is becoming a threat and is even possible at home. Banks often have a limit of what you can withdraw, but Bitcoin doesn't. There are behaviors that are only possible in certain mental states. These can be used to protect against drugging. Physical coercion can be defended against through training to reveal decoy, nested, or event locked accounts.

I would look at storing the key in motor memory. For example a difficult song to play on guitar/piano/[your skill here]. Choose a task you would be unable to perform while drugged. I'm not sure if the tools needed to accomplish this currently exist. Something like guitar hero is a first step though.

edit: Perhaps a customizable Rubik's cube like device.
Hm, I could see adding a skill element to the key being a good idea.  It would be difficult to use music if only because of the precision that would be required, but I can see some possibilities.

Of course, one risk would be that you would be unable to access your funds if your motor skills were impaired through other means such as injury.
292  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 06, 2012, 03:07:48 AM
That's a completely different conversation.  Check out this thread here.
293  Other / Off-topic / Have you ever gotten any donations to your signature address? on: August 06, 2012, 03:00:31 AM
I recently decided to imitate some other posters I've seen and add an address to my signature on these boards.  I'm just wondering if anyone actually sends bitcoin to these addresses, ever.

Have you ever received any?  How much?
294  Other / Politics & Society / Re: Barriers to introducing people to bitcoin on: August 05, 2012, 02:08:44 PM

On the whole though, most people I've spoken to try to warn me that the whole thing could be a scam. I mention the word decentralised and they just look at me funny!

Yeah, I know what you mean.

Actually, I can usually get people's attention pretty easily just by mentioning how much my initial investment has grown.  I haven't convinced anyone else to buy BTC as far as I know, but I'm not sure if I want to.

I'm starting to think we have too much speculation and not enough business.
295  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 05, 2012, 12:45:26 PM
Sounds interesting.  Best of luck to you.
296  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 05, 2012, 11:01:13 AM
I believe in almost all places of the world, volcanoes/earthquakes/other tectonic activity rarely cause changes of more than centimeters per year.

Also, you don't need perfect accuracy; you can still have the system attempt coordinates in an area wider and wider around the chosen location. Using a coordinate with accuracy 1m, and using areas of 30m in size seems quite reasonable, and requires only trying a 1000 coordinates.

Seems like a nice idea, using this as entropy.
I was mostly joking about earthquakes, but the risk I was talking about is that all familiar landmarks could be changed.  Presumably the location you choose is something, like a house, a school, a park, a wooded grove, or any number of destructible things.  If the area is redeveloped, it might not be easy to find the exact location you're looking for from memory.

I agree it would work if you didn't rely on perfect accuracy though.
297  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 05, 2012, 09:45:31 AM
Hm, I don't know that much about GPS, but if you say it stays constant over time I'll take your word for it.

That sounds like a good idea, but you would have to use a very low level of precision to ensure it stays constant.  Otherwise, you risk losing track of that area through earthquakes, landslides, and redevelopment.  I wouldn't feel comfortable getting much more precise than the city the event took place in.  It would be difficult to figure out exactly what part of the new commercial development used to be the park where you were bitten.

This would be good for a retirement account, since it would be a lot of trouble to dig up this info on a more regular basis.  It would certainly be hard to brute force though.
298  Bitcoin / Bitcoin Discussion / Re: Making a brain wallet "cheat sheet" on: August 05, 2012, 07:13:32 AM
cbeast - Could you expand on that?  I'm not sure I understand.  Does it involve hypnosis or dream hacking?

CIYAM Pty. Ltd. - Yeah, that's a good idea.  I had the same thought.
299  Bitcoin / Bitcoin Discussion / Making a brain wallet "cheat sheet" on: August 05, 2012, 06:23:58 AM
To my understanding, using a hashed string as a brain wallet carries with it the following risks:

1. The passphrase might be forgotten.
2. The passphrase might be randomly brute-forced by an attacker performing something like a dictionary attack on hashed strings.
--2.5  There could be an unintentional collision with someone who happens to use the same passphrase.
3. The passphrase might be stolen/phished/whatever.
4.  Some combination of 3 and 2.  Part of the passphrase is stolen, and the rest is discovered through brute force.

(1) is a big concern for me.  I intend to keep some savings in bitcoin for a long time, and it's very likely that I will forget the key if it is too difficult to remember.

My idea is to make a list of personal questions, and have the answers be my passphrase.  I understand that because of (2) doing so is magnitudes less secure than using a randomly generated passphrase, but using a random phrase would make (1) likely.  I wanted to have the key based on facts that will remain relatively significant to me throughout my life.

The list will be semi-secret.  I'm not going to show it in public, but I won't worry about keeping copies in several different places, online and offline.

My thinking is that in order to access my BTC, the attacker would either have to know me very well or invest considerable resources researching me.  With a sufficiently long list, (2) is less likely, albeit still a possibility.  I was thinking at least fifteen questions.

There's a small risk that the attacker will indeed know me well.  I need to think of some questions that I'll always remember the answer to, but have never told anyone else and never will.  This is easier said than done.

To minimize the risk of someone finding the list and brute forcing the answers they don't know, I'll need to think of multiple questions with a large number of possible answers.  Any suggestions?  I've also included some "trick" questions, where the nature of the answer is unexpected.

Comments?  Anyone with a better understanding of cryptography able to give me some idea of how many questions with how many possible answers would be needed to make this impractical to brute force?
300  Economy / Trading Discussion / What have you spent BTC on? on: August 04, 2012, 05:02:37 PM
I'm just curious to see what kind of bitcoin business has been going on.

I'm paying for two VPSs and a domain name.  I've also hired a few people to provide some technical support with various software, and I commissioned a video just for fun.