Bitcoin Forum
Author Topic: "Why I'm releasing a brainwallet cracker at DEFCON 23"  (Read 6090 times)
Damelon
September 01, 2015, 03:48:16 PM
 #41

Wait, you take a dictionary, even an English one (even better if you are a foreigner so you use a foreign dictionary, but let's assume you use an English one) and you choose 12 random words of 6+ letters (even 5 letter words are OK but just to make sure) and you will have a random password with 128 bit+ entropy which is very safe. Of course, you write it down on a piece of paper.

The problem is that average people don't know that's done like this correctly and they use famous phrases and other crap instead.

As shown by this thread, people aren't very good with randomness.
You should let the computer do this for you.

People are terrible at choosing passwords for themselves, I know that. But I kind of got from this thread that all brainwallets are doomed since they can be cracked with this software, which is just not true if you have a strong and random password.

Concept of brainwallets works for NXT pretty well, OK they did have some hacks in the beginning, just because the users used famous phrases which you can look for with this kind of software very quickly and successfully. Now, when the users know what the strong password is and when they have option for client to choose it for them, brainwallets work well.
I almost forgot that NXT is a brainwallet per se.

I did some research some time ago but couldn't find how NXT hashes the passphrase which locks/unlocks the account.

Does anyone here know about it?

Is it just sha256(passphrase)? It can't be that easy...

I am sure it's not that easy, otherwise all people's NXT would just be gone. I have forwarded this thread to my good friend who's deeper with NXT, I am sure somebody will reply and let us know.

Cheers!

From the Nxt Whitepaper: https://www.dropbox.com/s/cbuwrorf672c0yy/NxtWhitepaper_v122_rev4.pdf

Quote
2.4.2 Accounts
Nxt implements a brain wallet as part of its design: all accounts are stored on
the network, with private keys for each possible account address directly derived
from each account’s passphrase using a combination of SHA256 and Curve25519
operations.
Each account is represented by a 64-bit number, and this number is expressed
as an account address using a Reed-Solomon[14] error-correcting notation that
allows for detection of up to four errors in an account address, or correction of
up to two errors. This format was implemented in response to concerns that
a mistyped account address could result in tokens, aliases, or assets being irreversibly
transferred to erroneous destination accounts. Account addresses are
always prefaced by “NXT-”, making Nxt account addresses easily recognizable
and distinguishable from address formats used by other cryptocurrencies.
The Reed-Solomon-encoded account address associated with a secret passphrase
is generated as follows:

1. The secret passphrase is hashed with SHA256 to derive the account’s
private key.
2. The private key is encrypted with Curve25519 to derive the account’s
public key.
3. The public key is hashed with SHA256 to derive the account ID.
4. The first 64 bits of the account ID are the visible account number.
5. Reed-Solomon encoding of the visible account number, prefixed with “NXT-”,
generates the account address.

When an account is accessed by a secret passphrase for the very first time, it
is not secured by a public key. When the first outgoing transaction from an
account is made, the 256-bit public key derived from the passphrase is stored
on the blockchain, and this secures the account. The address space for public
keys (2^256) is larger than the address space for account numbers (2^64), so there
is no one-to-one mapping of passphrases to account numbers and collisions are
possible. These collisions are detected and prevented in the following way: once
a specific passphrase is used to access an account, and that account is secured
by a 256-bit public key, no other public-private key pair is permitted to access
that account number.

Member of the Nxt Foundation | Donations: NXT-D6K7-MLY6-98FM-FLL5T
Join Nxt Slack! https://nxtchat.herokuapp.com/
Founder of Blockchain Workspace | Personal Site & Blog
Uptrenda
September 01, 2015, 04:22:01 PM
 #42

But my dog's name is still safe right?
Damelon
September 01, 2015, 04:35:33 PM
 #43

Quote from: Uptrenda
But my dog's name is still safe right?

Only if called 123abc

bri912678
September 01, 2015, 04:52:52 PM
 #44

Quote from: Damelon
Quote from: Uptrenda
But my dog's name is still safe right?

Only if called 123abc


If it was a NXT brain wallet pass phrase his dog's name would need to be at least 30 characters long to be secure. There are servers constantly attempting to crack NXT wallet pass phrases using lists of passwords called rainbow tables.

No doubt all the quoted advice for creating strong NXT pass phrases also applies to creating strong Bitcoin pass phrases.

https://wiki.nxtcrypto.org/wiki/How-To:GenerateStrongPassword



Quote
30 characters??!? Isn't that too much?

For most applications, yeah. But Nxt works differently.

In most other applications, an attacker can only try to break into one account at a time. A smart attacker will not try passwords randomly. They will run through a prepared list of passwords and resulting hashes (that list is called a rainbow table), hoping to find the one password that can access your account.

As technology improves and processing power increases, attackers can prepare larger and larger rainbow tables. The key to creating a safe password is to stay ahead of the processing curve, to avoid being simple enough to be included in rainbow tables and so escape easy discovery.

Most applications are such that an attacker can go after only one account at a time. Your bank, e-mail, and online shopping accounts are like this. For such applications, a password of 15 varied characters that don't form readable words or patterns is currently very safe, well beyond what attackers can feasibly include in their rainbow tables.

Nxt works differently. In order to have the convenience of accessing your account through just a single passphrase, without a login name or wallet file, it also allows an attacker to try ALL accounts at the same time and greatly increases their chances of success. With everyone's account balance in the prize pot, the rewards become much higher, so there's compelling reason for them to focus a lot more resources on extending rainbow tables.
box0214
September 01, 2015, 06:54:17 PM
 #45

it seems the best way to create a nxt brain wallet is by using a combination of data only you know. say phone numbers,  addresses, and chinese/japanese characters. Then mix it up with your own password. good luck trying to guess that and no way in hell would you forget it nor the need to write it down.

right now nxt has the ability to host bitcoin addresses via the multigateway, in effect giving nxt the ability to host your other coins with just one passphrase.

www.jnxt.org/nxt -- login with account to test it out: NXT-MRCC-2YLS-8M54-3CMAJ
eternalgloom
September 01, 2015, 07:35:28 PM
 #46

Quote from: box0214
it seems the best way to create a nxt brain wallet is by using a combination of data only you know. say phone numbers,  addresses, and chinese/japanese characters. Then mix it up with your own password. good luck trying to guess that and no way in hell would you forget it nor the need to write it down.

right now nxt has the ability to host bitcoin addresses via the multigateway, in effect giving nxt the ability to host your other coins with just one passphrase.

www.jnxt.org/nxt -- login with account to test it out: NXT-MRCC-2YLS-8M54-3CMAJ

Yeah indeed, it's also best to use some words that can't be found in dictionaries and add special characters in front of and in between words.
Plus you'd need to use a passphrase of at least 64 characters.

ryanc
September 02, 2015, 06:07:50 AM
 #47

Quote from: eternalgloom
Quote from: box0214
it seems the best way to create a nxt brain wallet is by using a combination of data only you know. say phone numbers,  addresses, and chinese/japanese characters. Then mix it up with your own password. good luck trying to guess that and no way in hell would you forget it nor the need to write it down.

right now nxt has the ability to host bitcoin addresses via the multigateway, in effect giving nxt the ability to host your other coins with just one passphrase.

www.jnxt.org/nxt -- login with account to test it out: NXT-MRCC-2YLS-8M54-3CMAJ

Yeah indeed, it's also best to use some words that can't be found in dictionaries and add special characters in front of and in between words.
Plus you'd need to use a passphrase of at least 64 characters.

...just use diceware - you'll probably screw up picking one with meat. Some of the brainwallets I cracked were in chinese and russian. If I am reading that whitepaper right, NXT is actually weaker than normal brainwallets because curve25519 is substantially faster than secp256k1 for public key generation.

Passphrase length does not matter. Passphrase language does not matter. All that matters is predictability. There is no way to measure the predictability of human-generated passphrases, but we can measure the predictability of random passphrases. So use random passphrases.
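
The point made in #47 that only random passphrases have measurable predictability, and the wiki text quoted in #44 about one guess being tried against all accounts at once, put into numbers. This is an added example, not code from the thread or from any tool it mentions; the 16-word list, the function names and the account counts are constructed for illustration, and the multi-account adjustment assumes every account uses an independently random passphrase.

```python
import math
import secrets

# Constructed 16-word list so the block runs offline; a real Diceware list
# has 7776 entries (five six-sided dice per word).
SAMPLE_WORDS = ["amber", "bison", "cedar", "delta", "ember", "fjord", "grove",
                "heron", "ivory", "jolly", "koala", "lilac", "mango", "nylon",
                "otter", "plume"]


def bits_of_random_choice(n_items: int, pool_size: int) -> float:
    """Entropy of n_items drawn uniformly and independently from a pool."""
    return n_items * math.log2(pool_size)


def bits_against_all_accounts(bits: float, n_accounts: int) -> float:
    """Effective strength when each guess is checked against every account."""
    return bits - math.log2(n_accounts)


def words_needed(target_bits: float, pool_size: int, n_accounts: int = 1) -> int:
    """Random words required to keep target_bits despite a multi-account search."""
    return math.ceil((target_bits + math.log2(n_accounts)) / math.log2(pool_size))


def generate_passphrase(wordlist, n_words: int) -> str:
    """The OS CSPRNG picks the words; a person never chooses them."""
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words lower the entropy per word")
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))


if __name__ == "__main__":
    print(f"12 words from 7776:   {bits_of_random_choice(12, 7776):.1f} bits")
    print(f"30 chars from 94:     {bits_of_random_choice(30, 94):.1f} bits")
    print(f"64 bits, 2^20 accts:  {bits_against_all_accounts(64, 2**20):.1f} bits")
    print(f"words for 128 bits:   {words_needed(128, 7776)}")
    print(f"same, 2^20 accounts:  {words_needed(128, 7776, 2**20)}")
    # Only 24 bits here because the sample list is tiny; use a full list.
    print(generate_passphrase(SAMPLE_WORDS, 6))
```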
aakashsangwan
September 02, 2015, 02:29:03 PM
 #48

Can someone please tell me how to use this software???
I'm currently running Windows, but know some backtrack too

Damelon
September 02, 2015, 05:29:09 PM
 #49

Quote from: ryanc
Passphrase length does not matter. Passphrase language does not matter. All that matters is predictability. There is no way to measure the predictability of human-generated passphrases, but we can measure the predictability of random passphrases. So use random passphrases.

I'd like to bold this for emphasis.

If you'd use the entire King James Bible as a passphrase, it would be easy to crack.

almightyruler
September 17, 2018, 07:55:40 PM
Last edit: September 17, 2018, 08:07:05 PM by almightyruler
 #50

I know this thread is 3 years old, but I'd like to post something I just found:

Bitcoin Address:
  1GjjGLYR7UhtM1n6z7QDpQskBicgmsHW9k

Text:
  how much wood could a woodchuck chuck if a woodchuck could chuck wood

Timestamp:
  2013-02-14 02:07:30 UTC


Listed on: https://bitsig.io/?addr=1GjjGLYR7UhtM1n6z7QDpQskBicgmsHW9k

Unless bitsig.io have retroactively listed well known brainwallet phrases, it seems that the original owner of woodchuck may have used bitsig.io to generate the wallet address. In full public view.


---

edit: Seems bitsig.io was registered only in 2015, well after this address was used, so I guess they did retroactively list brainwallet phrases. So nothing too amazing here.

Maybe they used brainflayer to crack them. :)