Bitcoin Forum
April 15, 2021, 09:08:54 AM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
Author Topic: Time to bust a myth. Paper wallets are less secure than normal encrypted wallets  (Read 12195 times)
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1004



View Profile
June 11, 2015, 04:29:26 PM
 #121

The to;dr version is that both encrypted wallets and paper wallets have certain vulnerabilities. Encrypted wallets have a subset of vulnerabilities and paper wallets have the same subset of vulnerabilities and then a greater subset of vulnerabilities.

I like this tl;dr a lot, does a great job at summing it up.

1618477734
Hero Member
*
Offline Offline

Posts: 1618477734

View Profile Personal Message (Offline)

Ignore
1618477734
Reply with quote  #2

1618477734
Report to moderator
1618477734
Hero Member
*
Offline Offline

Posts: 1618477734

View Profile Personal Message (Offline)

Ignore
1618477734
Reply with quote  #2

1618477734
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1618477734
Hero Member
*
Offline Offline

Posts: 1618477734

View Profile Personal Message (Offline)

Ignore
1618477734
Reply with quote  #2

1618477734
Report to moderator
1618477734
Hero Member
*
Offline Offline

Posts: 1618477734

View Profile Personal Message (Offline)

Ignore
1618477734
Reply with quote  #2

1618477734
Report to moderator
Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 04:52:39 PM
 #122

How does an air-gapped machine contract malware?  It can sign transactions with zero Internet (or LAN for that matter) connectivity. Additionally, M of N paper wallets mitigate physical theft.

OP has missed the entire point of a paper wallet. 

Many ways. Read up on Stuxnet. The most likely scenario would be via USB sticks when you are transferring files (which many people do with airgapped machines even though it's a big no-no), but you could also be infected if your airgapped PC's OS or other software was tampered with in some way when you were installing it, such as malware on the computer you burned the boot CD/USB tampering with the image. These are pretty advanced attacks, but they are certainly not so difficult to execute and not unheard of and thy will probably happen to some Bitcoiners eventually so people should be aware of them so that they can defend themselves if they deem it necessary.

I should add "without absolute user ineptitude, or an attackers reliance on zero-day vulnerabilities targeted to your specific hardware".

I fail to see how these extremely unlikely scenarios make "paper wallets less secure than normal encrypted wallets".  Do you?
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1004



View Profile
June 11, 2015, 05:04:59 PM
 #123

The easiest way for me to explain that is, you tell me how you create your paper wallet, do you use a live OS, airgapped PC etc what other precautions you take, and I'll explain based on that scenario how an encrypted wallet would be safer.

Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 06:11:54 PM
 #124

The easiest way for me to explain that is, you tell me how you create your paper wallet, do you use a live OS, airgapped PC etc what other precautions you take, and I'll explain based on that scenario how an encrypted wallet would be safer.

I'll bite. Within a faraday cage, assemble a PC from parts purchased and held in storage for the last several years.  OS installed from DVD (let's say Windows XP, original discs).  Wallet generator software source code printed code-reviewed, and re-entered by hand and compiled on the PC.  Wallet initial entropy via dice, rolled in a darkened room in the dead of the night (sensitive fingertips required for dice reading).  M of N paper wallet created and written by hand.  Remainder of notepad incinerated.  Pages stored in geographically disparate secure localities.  PC degaussed, then incinerated.

If coins are to be spent, M parts of wallet gathered, then repeat most of the above, sign the transaction, transfer the signature via handwritten pad, and enter on the connected PC of your choice.

You didn't say it had to be practical.
odolvlobo
Legendary
*
Offline Offline

Activity: 3192
Merit: 1839



View Profile
June 11, 2015, 06:16:23 PM
Last edit: June 11, 2015, 07:56:30 PM by odolvlobo
 #125

Anyone that want's to make a paper wallet should buy a Mycelium Entropy. It is the most convenient and most secure way to make a paper wallet.

The combination of maximum security and maximum convenience is rare, but Entropy achieves it. You just plug it in, press a button and print. There is no need for an air-gapped computer, bootable CDs, formatting disks, etc.


Buy stuff on Amazon with BTC or convert Amazon points to BTC here: Purse.io
Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
Panthers52
Hero Member
*****
Offline Offline

Activity: 675
Merit: 502


#SuperBowl50 #NFCchamps


View Profile WWW
June 11, 2015, 06:37:52 PM
 #126

The easiest way for me to explain that is, you tell me how you create your paper wallet, do you use a live OS, airgapped PC etc what other precautions you take, and I'll explain based on that scenario how an encrypted wallet would be safer.

I'll bite. Within a faraday cage, assemble a PC from parts purchased and held in storage for the last several years.  OS installed from DVD (let's say Windows XP, original discs).  Wallet generator software source code printed code-reviewed, and re-entered by hand and compiled on the PC.  Wallet initial entropy via dice, rolled in a darkened room in the dead of the night (sensitive fingertips required for dice reading).  M of N paper wallet created and written by hand.  Remainder of notepad incinerated.  Pages stored in geographically disparate secure localities.  PC degaussed, then incinerated.

If coins are to be spent, M parts of wallet gathered, then repeat most of the above, sign the transaction, transfer the signature via handwritten pad, and enter on the connected PC of your choice.

You didn't say it had to be practical.
If you are this paranoid about creating a paper wallet then there is probably a pretty high chance that you will end up in a psychiatric institution. You would then be unable to ever spend the money you send to the associated address.

PGP 827D2A60

Tired of annoying signature ads? Ad block for signatures
Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 06:57:32 PM
 #127

If you are this paranoid about creating a paper wallet then there is probably a pretty high chance that you will end up in a psychiatric institution. You would then be unable to ever spend the money you send to the associated address.

Psychiatric institutions generally don't allow Internet access.  My 0.013 BTC are secure forevers!
Panthers52
Hero Member
*****
Offline Offline

Activity: 675
Merit: 502


#SuperBowl50 #NFCchamps


View Profile WWW
June 11, 2015, 07:05:47 PM
 #128

If you are this paranoid about creating a paper wallet then there is probably a pretty high chance that you will end up in a psychiatric institution. You would then be unable to ever spend the money you send to the associated address.

Psychiatric institutions generally don't allow Internet access.  My 0.013 BTC are secure forevers!
You would suffer the loss of your freedom and privacy in exchange for keeping your Bitcoin safe from theft. I don't think this is a very good trade off when Bitcoin is suppose to represent additional freedom and privacy.

It would also result in you loosing access to your Bitcoin which would be a loss to you because you would be unable to spend it if you wished to do so. It would be similar to you using an encrypted wallet and then having all of your backups get corrupted

PGP 827D2A60

Tired of annoying signature ads? Ad block for signatures
Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 07:12:04 PM
 #129

You would suffer the loss of your freedom and privacy in exchange for keeping your Bitcoin safe from theft. I don't think this is a very good trade off when Bitcoin is suppose to represent additional freedom and privacy.

It would also result in you loosing access to your Bitcoin which would be a loss to you because you would be unable to spend it if you wished to do so. It would be similar to you using an encrypted wallet and then having all of your backups get corrupted

Um...  you seriously believe someone who securely creates a paper wallet per my listed steps deserves to be locked up in a psychiatric facility?  Nah, you must be trollin'.  Good one dude!

In any event, the challenge was to describe a set of steps to create a paper wallet that is more secure than an encrypted wallet on a connected desktop.  Do you have a vulnerability in mind that invalidates my proposal, or is "psychiatric lockup" the best you can do?
Panthers52
Hero Member
*****
Offline Offline

Activity: 675
Merit: 502


#SuperBowl50 #NFCchamps


View Profile WWW
June 11, 2015, 07:16:24 PM
 #130

You would suffer the loss of your freedom and privacy in exchange for keeping your Bitcoin safe from theft. I don't think this is a very good trade off when Bitcoin is suppose to represent additional freedom and privacy.

It would also result in you loosing access to your Bitcoin which would be a loss to you because you would be unable to spend it if you wished to do so. It would be similar to you using an encrypted wallet and then having all of your backups get corrupted

Um...  you seriously believe someone who securely creates a paper wallet per my listed steps deserves to be locked up in a psychiatric facility?  Nah, you must be trollin'.  Good one dude!
Someone who takes that level of precautions are most likely going to display other symptoms of paranoid schizophrenia. Some may even argue that doing what you described would be an indication of schizophrenia.

Try describing even part of that process to someone in RL, tell them you are doing those steps to secure your money and see what they think about your mental state.

PGP 827D2A60

Tired of annoying signature ads? Ad block for signatures
Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 07:19:35 PM
 #131

Do you have a vulnerability in mind that invalidates my proposal, or is "psychiatric lockup" the best you can do?

Try describing even part of that process to someone in RL, tell them you are doing those steps to secure your money and see what they think about your mental state.

I'll take that as "yes, that's the best I can do."
spazzdla
Legendary
*
Offline Offline

Activity: 1638
Merit: 1000


View Profile
June 11, 2015, 07:23:08 PM
 #132

You would suffer the loss of your freedom and privacy in exchange for keeping your Bitcoin safe from theft. I don't think this is a very good trade off when Bitcoin is suppose to represent additional freedom and privacy.

It would also result in you loosing access to your Bitcoin which would be a loss to you because you would be unable to spend it if you wished to do so. It would be similar to you using an encrypted wallet and then having all of your backups get corrupted

Um...  you seriously believe someone who securely creates a paper wallet per my listed steps deserves to be locked up in a psychiatric facility?  Nah, you must be trollin'.  Good one dude!
Someone who takes that level of precautions are most likely going to display other symptoms of paranoid schizophrenia. Some may even argue that doing what you described would be an indication of schizophrenia.

Try describing even part of that process to someone in RL, tell them you are doing those steps to secure your money and see what they think about your mental state.

Mental illness LMAO what a joke.  A group of random fucks decide if you have x traits you are mentally ill.  You should see some of the panels of these bastards.  

"But I do that"

"Oh okay lets not put that in there then"

It's a fucking joke.




The fact you are so lazy with your wealth I think is a mental illness.  The illness of extreme lazyness SO LAZY you attempt to make others think they have a problem as they are not as lazy as you.
Panthers52
Hero Member
*****
Offline Offline

Activity: 675
Merit: 502


#SuperBowl50 #NFCchamps


View Profile WWW
June 11, 2015, 07:26:18 PM
 #133

Do you have a vulnerability in mind that invalidates my proposal, or is "psychiatric lockup" the best you can do?

Try describing even part of that process to someone in RL, tell them you are doing those steps to secure your money and see what they think about your mental state.

I'll take that as "yes, that's the best I can do."
I will difer to the expert in computer security (blazr) to look for other vulnerabilities.

One risk would be that you make a mistake in copying the private keys and/or the code as humans are notorious for making copy mistakes and it would be difficult to check for such mistakes without adding potential additional chances for your private key to leak.


I am not lazy with securing my money. I only take reasonable precautions that balance various risks of loss and theft with what would end up lost (how much I would lose) and the chances of various attacks of succeeding.

PGP 827D2A60

Tired of annoying signature ads? Ad block for signatures
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1004



View Profile
June 11, 2015, 07:52:43 PM
 #134

The easiest way for me to explain that is, you tell me how you create your paper wallet, do you use a live OS, airgapped PC etc what other precautions you take, and I'll explain based on that scenario how an encrypted wallet would be safer.

I'll bite. Within a faraday cage, assemble a PC from parts purchased and held in storage for the last several years.  OS installed from DVD (let's say Windows XP, original discs).  Wallet generator software source code printed code-reviewed, and re-entered by hand and compiled on the PC.  Wallet initial entropy via dice, rolled in a darkened room in the dead of the night (sensitive fingertips required for dice reading).  M of N paper wallet created and written by hand.  Remainder of notepad incinerated.  Pages stored in geographically disparate secure localities.  PC degaussed, then incinerated.

If coins are to be spent, M parts of wallet gathered, then repeat most of the above, sign the transaction, transfer the signature via handwritten pad, and enter on the connected PC of your choice.

You didn't say it had to be practical.

Sounds great, though that only covers one part of the setup, the generation process. How are you going to spend those Bitcoins? You're going to need some kind of computer right? so I guess destroying the secure computer like you did seems counter-intuitive as you'll need atleast one secure computer to join up the m of n paper wallets to spend them. If you're a fan of destroying and buying computers each time you make a transaction, that would work. But instead of doing that, you could create another wallet using a similar process except make it an M of N encrypted wallet stored on multiple different computers stored in different locations. Same level of security, makes more sense than rebuying computers, why print out the keys at all?

My point is, all paper wallets eventually have to touch a PC and while they are touching the PC they are just as vulnerable as a normal encrypted wallet that has been unlocked, however unlike a locked encrypted wallet which is "non-trivial" to crack, paper wallets have other security risks you need to take into account such as the printer memory issue, which you do not need to even worry about with an encrypted wallet. Additionally wallets are only unlocked for milliseconds if even, some users of paper wallets who are tying in private keys etc may leave the private key in memory for quite some time exposing it to risk. It really does make much more sense to just use a normal encrypted wallet rather than a paper one. I prefer strength in numbers rather than strength in "paper", I am already tired of "paper" money Cheesy

Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 07:55:32 PM
 #135

Sounds great, though that only covers one part of the setup, the generation process. How are you going to spend those Bitcoins?

Keep reading, it's covered.

As admitted, my example isn't easy, or even practical.  In the real world, we have to balance security and ease of use.  Personally, I use a Trezor.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1004



View Profile
June 11, 2015, 07:56:59 PM
 #136

Sounds great, though that only covers one part of the setup, the generation process. How are you going to spend those Bitcoins?

Keep reading, it's covered.

You're "manually" signing the transaction? Do that with the encrypted wallet too, it'll save you the ink and will give you the same security.

Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 07:58:20 PM
 #137

You're "manually" signing the transaction? Do that with the encrypted wallet too, it'll save you the ink and will give you the same security.

It really won't.  Connected computers can be compromised with a keylogger.  My described scenario cannot.
Blazr
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1004



View Profile
June 11, 2015, 08:02:30 PM
 #138

You're "manually" signing the transaction? Do that with the encrypted wallet too, it'll save you the ink and will give you the same security.

It really won't.  Connected computers can be compromised with a keylogger.  My described scenario cannot.

I am sorry I reread your scenario but how are you signing the transaction for your paper wallet, are you signing it on a secure PC or "by hand"? I got the impression you said you were doing it "by-hand" IE pen and paper EC math but now I'm not sure.

Klestin
Hero Member
*****
Offline Offline

Activity: 493
Merit: 500


View Profile
June 11, 2015, 08:07:04 PM
 #139

I am sorry I reread your scenario but how are you signing the transaction for your paper wallet, are you signing it on a secure PC or "by hand"? I got the impression you said you were doing it "by-hand" IE pen and paper EC math but now I'm not sure.

In my (admittedly costly and time-consuming) example, the PC is rebuilt, the wallet primed from the M portions of the paper wallet, and the transaction information entered.  The signature is generated on the disconnected PC, manually transcribed, then the PC is again decommissioned.
blossbloss
Jr. Member
*
Offline Offline

Activity: 51
Merit: 1


View Profile
June 13, 2015, 01:21:56 AM
 #140

Serious comment: brainwallet for long term storag, Trezor for mid term, and Mycelium app for pocket change.
Comments?
Pages: « 1 2 3 4 5 6 [7] 8 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!