BIP38 cold storage question

[Bernard Lerring]

Hi,

I've read about and tried testing BIP38 encryption of private keys and have succeeded in creating and decrypting BIP38 keys.

I have BTC in cold storage, on pen and paper, in an envelope in a secret place that contains my key in WIF format. I also have an identical copy at a trusted family member's, in case of burglary/fire/etc.

Now, here's a hypothetical situation about encrypting my private key:

I want to create a new cold storage BTC address with BIP38 key and send my BTC to it, with a copy at my family member's house.

My question is about the length of password to use. I could use a single character ("0", or "1") to encrypt my key. This would prevent my BTC being immediately useable if it fell into the wrong hands (burglary, etc).

If it was stolen (and supposing the thief knew what Bitcoin was), is it possible to determine the length of password from the BIP38 format, or would the thief have no way of knowing and simply have to brute-force the key blindly using incremental passwords of varying length?

Obviously, I'm not going to use a "0" or a "1" as my password, but I figure a 5 or 6 character password would make the thief's life hell and give me enough time to act and shift my coins somewhere safe.

I know that decrypting BIP38 is a time consuming process on an average PC, so would anyone like to guess how much time, say, a 6 character password would buy in this situation? How many uppercase and lowercase combinations of 6 characters (plus 0-9) are there, and how much time would this allow me to save my coin?

[btcguys]

I suggest that you should use strong password to encrypt the keys in case it falls in wrong hands and then place encrypted keys in an encrypted container on a USB and then give that USB to a friend (2 layers of protection).

As rule of thumb: make many copies and only use the way you are comfortable with so you can recover keys when need be.

[HELP.org]

keep a copy in a remote location in case there is a local disaster like a hurricane.

[Bernard Lerring]

You've somewhat missed the point. I know I could employ maximum security. I could keep them in a deposit box.

My question relates to simplicity: not having a difficult to remember password and having comfortable doubt that an intruder can unlock your coins before you do.

[luv2drnkbr]

While you should always use a strong password, no, there is no way of knowing from the address itself how good of a password you used.  The password you use, whatever it is, is hashed, and the hash is used as the AES key.  So all passwords are the same "length" when the encryption actually happens.

Additionally, the hashing algorithm used is Scrypt, which is currently pretty slow on modern computers, so it takes longer to brute force.  It was in fact picked for that exact reason.  4-char passwords have been posted online with bounties and taken days to crack, so a 6-char password is probably safe enough for your purpose, although obviously, just in case, you should still move the coins ASAP if you know a copy of the paper wallet was stolen.

[Bernard Lerring]

Cheers. That was exactly the kind of advice I was looking for. I'm going to use a short gibberish word that only my partner and myself know.

If it's hashed before encryption then in the event of burglary (and providing some junkie burglar actually knows how to use BIP38/bitcoin) it will give me plenty of time to retrieve my wallet copy from the other location and send the coins elsewhere.

What a great system we have in bitcoin land. The developers should be proud of themselves. ?

[Bernard Lerring]

That was meant to be a smiley ^. Damn phone!

[Abdussamad]

That 4 char password had unicode characters in it. That's why it was hard to break. A 6 char password with only letters ("gibberish word") isn't going to be so hard.

[Bernard Lerring]

How long do you guess something like "dexwaf" would take to crack?

This isn't the word I was planning on using by the way.

It's only an extra security measure to give me a few hours or a week at the very most to move my coins.

[CIYAM]

That 4 char password had unicode characters in it. That's why it was hard to break. A 6 char password with only letters ("gibberish word") isn't going to be so hard.

I ran a competition with 4 character password of just upper, lower and numbers (just ASCII) and it wasn't cracked in 5 days (by forum members with some fairly powerful PCs who were trying very hard to get a BTC reward).

So IMO a 6 character password with just letters (non-dictionary) is not going to be very easy to crack (i.e. even with some very fancy hardware you are still looking at days if not weeks).