Personal 2-factor storing of private keys (10 BTC bounty)

[curious]

I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts?

Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.

I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38. Claimed!

[Stephen Gornick]

I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts?

Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.

Some related threads:

Dead Man's Switch?
 - http://bitcointalk.org/index.php?topic=110353.0

Casascius "accidentally" creates a 2-party escrow GUI.
 - http://www.reddit.com/r/Bitcoin/comments/14j7wx

pybtcsplit - m-of-n Private Key Splitting made easy in one simple python utility
 - http://bitcointalk.org/index.php?topic=104086.0

To generate a split key there is a new feature (v2.1) in the Vanity Wallet on bitaddress.org

- http://bitcointalk.org/index.php?topic=43496.msg1421075#msg1421075

That or how about just a password-protected PDF?  That has the benefit of being completely usable by a layperson given only the file and the password.  This also uses AES under the hood.

- http://bitcointalk.org/index.php?topic=92374.0

Lately I have been working on an iPhone app to implement a BIP 38 tool for the end user.

 - http://bitcointalk.org/index.php?topic=129317.msg1430037#msg1430037

[dancupid]

A simple non-techie approach, which I use, is to print out a paper wallet and then use this private key as the first factor.
Paste this into http://brainwallet.org/ passphrase field and then add your password as the second factor creating a new private key/address - send all your bitcoins to this address.
You can allow some access to the original paper wallet, so you can safely store it in many places, with family members etc

example.
paper wallet address 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
private key 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS

passphrase for brainwallet:

5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hSthisismydifficulttoguesspass word

producing address 1GuJmVpp4x1bhNoj67ngViEyk6Aa1yadVB - to which you can send all your stored wealth.

Goes without saying that this should all be done offline on a fresh os install.

[paybitcoin]

Thanks BIP38 seems like what I want. But there doesn't seem to be an easy tool to do the encryption or decryption yet. I don't run Windows.
And here's my dead man's switch: http://www.deadmansswitch.net/

There was a BIP38 bounty that Casascius posted a few days ago to implement it in javascript. There is now an implementation you can run here: http://scintill.github.com/bitaddress.org-bip38.html (go to wallet details)

Also see this thread for more info: https://bitcointalk.org/index.php?topic=136651.msg1477914

[paybitcoin]

I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38.

You should contact the winner of the bounty of the other thread, I know there were some other competing entries as well so you should have a good shot at getting this implemented.
Oops, didn't check the other thread first. Good luck!

[Vitalik Buterin]

Here's a script that lets you split a private key into N parts, of which any K can be used to reconstitute the original, where you pick the N and K when splitting.

https://github.com/vbuterin/btckeysplit