Bitcoin Forum
November 03, 2024, 07:30:04 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Sending REALLY sensitive information  (Read 3462 times)
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 03:48:50 PM
 #1

If I was to send someone some really sensitive information that I wanted to be 100% sure no one else could see, what would be the best way(s) of doing so?  Say, for example, it was a Bitcoin private key.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 26, 2013, 03:49:53 PM
 #2

If they are at all computer literate GPG would probably be your best option.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
March 26, 2013, 03:50:17 PM
 #3

Crypting it with GPG?

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
BIGMERVE
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500



View Profile WWW
March 26, 2013, 03:51:12 PM
 #4

Just send them a letter with a seal.

theymos
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13357


View Profile
March 26, 2013, 03:51:19 PM
 #5

Give it to them in person.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 03:53:37 PM
 #6

GPG, a letter with a seal... sounds good.

Give it to them in person.
Well, yes, but assume they aren't near me.  Wink
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 26, 2013, 03:57:22 PM
 #7

Also depending upon level of paranoia you could divide the private key into parts and say:

Part 1) Email
Part 2) SMS/Phone
Part 3) Snail mail

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 04:01:23 PM
 #8

Good point CIYAM!

What about BitMessage?  It should be secure for sending, right?
Or... an encrypted .rar, provided the passkey is sent separately?
MysteryMiner
Legendary
*
Offline Offline

Activity: 1512
Merit: 1049


Death to enemies!


View Profile
March 26, 2013, 05:14:55 PM
 #9

PGP encrypted mail
OTR encrypted IM chat
TorChat

The list can go on.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 05:17:44 PM
 #10

PGP encrypted mail
OTR encrypted IM chat
TorChat

The list can go on.
Let's keep it to options where we don't have to be online at the same time... but thanks for the suggestions!
bbit
Legendary
*
Offline Offline

Activity: 1330
Merit: 1000


Bitcoin


View Profile
March 26, 2013, 05:38:22 PM
 #11

Give it to them in person.

^^this^^


           █████████████████     ████████
          █████████████████     ████████
         █████████████████     ████████
        █████████████████     ████████
       ████████              ████████
      ████████              ████████
     ████████     ███████  ████████     ████████
    ████████     █████████████████     ████████
   ████████     █████████████████     ████████
  ████████     █████████████████     ████████
 ████████     █████████████████     ████████
████████     ████████  ███████     ████████
            ████████              ████████
           ████████              ████████
          ████████     █████████████████
         ████████     █████████████████
        ████████     █████████████████
       ████████     █████████████████
▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
▬▬ THE LARGEST & MOST TRUSTED ▬▬
      BITCOIN SPORTSBOOK     
   ▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
             ▄▄▄▄▀▀▀▀▄
     ▄▄▄▄▀▀▀▀        ▀▄▄▄▄           
▄▀▀▀▀                 █   ▀▀▀▀▀▀▀▄▄
█                    ▀▄          █
 █   ▀▌     ██▄        █          █               
 ▀▄        ▐████▄       █        █
  █        ███████▄     ▀▄       █
   █      ▐████▄█████████████████████▄
   ▀▄     ███████▀                  ▀██
    █      ▀█████    ▄▄        ▄▄    ██
     █       ▀███   ████      ████   ██
     ▀▄        ██    ▀▀        ▀▀    ██
      █        ██        ▄██▄        ██
       █       ██        ▀██▀        ██
       ▀▄      ██    ▄▄        ▄▄    ██
        █      ██   ████      ████   ██
         █▄▄▄▄▀██    ▀▀        ▀▀    ██
               ██▄                  ▄██
                ▀████████████████████▀




  CASINO  ●  DICE  ●  POKER   
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
   24 hour Customer Support   

▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 05:52:55 PM
 #12

Give it to them in person.

^^this^^
Assume they live across the globe and it is not possible.
Lethn
Legendary
*
Offline Offline

Activity: 1540
Merit: 1000



View Profile WWW
March 26, 2013, 05:55:00 PM
 #13

Just send them a letter with a seal.

You should also make sure they burn it after they read it otherwise someone might pick it up in the bin.
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 09:29:46 PM
 #14

Screw GPG, it doesn't allow long enough keys for paranoid people. Have your friend generate a 16,384 bit RSA keypair with openssl, encrypt it with the public key, and send it off.
I like it.  Cheesy
kokjo
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000

You are WRONG!


View Profile
March 26, 2013, 09:33:15 PM
 #15

This generating private/public keypairs is useless, IF YOU ARE NOT GIVING IT IN PERSON.

http://en.wikipedia.org/wiki/Man-in-the-middle_attack

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
March 26, 2013, 09:35:07 PM
 #16

https://bitmessage.org/wiki/Main_Page
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
March 26, 2013, 09:58:46 PM
 #17

This generating private/public keypairs is useless, IF YOU ARE NOT GIVING IT IN PERSON.

http://en.wikipedia.org/wiki/Man-in-the-middle_attack

if you're familiar with the voice of the person, I think it's pretty safe to transmit the public key via phone after having a conversation about the weather.


PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Rothgar
Sr. Member
****
Offline Offline

Activity: 374
Merit: 250


Tune in to Neocash Radio


View Profile WWW
March 26, 2013, 10:02:27 PM
 #18

Send the person a picture of a cat to use as a one time pad.   Grin

Mail them a CD with the picture of the cat that you take yourself.  Email the OTP encrypted file. 

I'm being a little silly this is probably overkill. 

Visit http://neocashradio.com for the premier weekly bitcoin podcast.
Follow neocashradio on twitter.  https://twitter.com/NeocashRadio
MysteryMiner
Legendary
*
Offline Offline

Activity: 1512
Merit: 1049


Death to enemies!


View Profile
March 26, 2013, 10:08:20 PM
 #19

TorChat is out-of-box solution that cannot be compromised unless Tor asymmetric encryption is totally broken or one of boxes are compromised.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
SgtSpike (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
March 26, 2013, 10:23:54 PM
 #20

This generating private/public keypairs is useless, IF YOU ARE NOT GIVING IT IN PERSON.

http://en.wikipedia.org/wiki/Man-in-the-middle_attack
Hmmm, good point.  Would there be a way for someone to MITM communications in such a way that the receiver of the information still gets it and doesn't know that it is compromised?

Obviously, the key is getting the correct Bitmessage address for a particular person, but I've heard that Bitmessage addresses can be generated from Bitcoin addresses?  That might be one way to prove ownership of a particular address.

This generating private/public keypairs is useless, IF YOU ARE NOT GIVING IT IN PERSON.

http://en.wikipedia.org/wiki/Man-in-the-middle_attack

if you're familiar with the voice of the person, I think it's pretty safe to transmit the public key via phone after having a conversation about the weather.
Good point as well...

Send the person a picture of a cat to use as a one time pad.   Grin

Mail them a CD with the picture of the cat that you take yourself.  Email the OTP encrypted file.  

I'm being a little silly this is probably overkill.  
LOL.

What about just mailing a password (plaintext), and then emailing a .rar encrypted file?  I don't know what OTP is or how a cat picture could be used as a pad, and yes, that might be overkill for my purposes anyway.  Tongue
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!