plorph (OP)
Member
Offline
Activity: 76
Merit: 14
|
|
February 22, 2016, 05:42:53 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network? Ultimately I'm trying to avoid having the passphrase for the encrypted wallets be saved anywhere but my in my (brain) memory.
|
puh-lorph
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1530
No I dont escrow anymore.
|
|
February 22, 2016, 05:45:57 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?
Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection.
|
Im not really here, its just your imagination.
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3626
Merit: 6359
|
|
February 22, 2016, 05:47:34 PM |
|
You can do it this way : Plugin the USB drive in your PC and run the OS (Linux), turn off your internet off (to make sure you are not connected to internet) , generate the Paper wallet and print it , take the USB off the PC , then reboot and put the internet back and you should be fine as long as you don't forget the passphrase .
|
|
|
|
plorph (OP)
Member
Offline
Activity: 76
Merit: 14
|
|
February 22, 2016, 06:03:01 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?
Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection. Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers. As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters).
|
puh-lorph
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1530
No I dont escrow anymore.
|
|
February 22, 2016, 06:06:55 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?
Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection. Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers. As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters). Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though.
|
Im not really here, its just your imagination.
|
|
|
plorph (OP)
Member
Offline
Activity: 76
Merit: 14
|
|
February 22, 2016, 07:25:33 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?
Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection. Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers. As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters). Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though. Great, thanks. I might give it a try. How would you suggest verifying the bitaddress.org download?
|
puh-lorph
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1530
No I dont escrow anymore.
|
|
February 23, 2016, 03:22:36 PM |
|
So I've decided to use BIP38 encrypted paper wallets as my primary method of storing BTC, however I wanted to ask about the security of genering those images. I originally wanted to build a seperate cheap computer just for the purpose of generating paper wallets, but not sure if I need to go to that length. If I generated the wallets from a live OS, say booted from a USB flash drive, saved the wallet images, and then restarted back to host OS, is that secure enough? Also, would it help to have all harddrives disconnected along with the internet to ensure nothing is saved to disk or sent out of network?
Secure enough for what? You should make sure that you have a high enough entropy when generating the keys. This can be problematic without disks or internet connection. Secure enough to not have to worry of having thousands of dollars worth of bitcoins (or whatever the value of bitcoins may be in the future) being compromised by bitcoin searching hackers. As far as entropy, I would use the page bitaddress.org (save local copy), is the entropy good enough from that? (it creates it by random mouse motion and also user input characters). Sounds like a reasonable secure plan. The software you picked is old and tested, has a entropy source that is independent from the OS and its designed to run offline. Make sure you verify the download though. Great, thanks. I might give it a try. How would you suggest verifying the bitaddress.org download? via PGP -> https://www.bitaddress.org/pointbiz_bitaddress.org.asc-> https://www.bitaddress.org/bitaddress.org-v3.2.0-SHA256-ad4fd171c647772aa76d0ce828731b01ca586596275d43a94008766b758e8736.html.sig
|
Im not really here, its just your imagination.
|
|
|
|