Bitcoin Forum
November 25, 2017, 10:08:27 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Brain Wallet usage  (Read 2371 times)
oinkie
Newbie
*
Offline Offline

Activity: 8


View Profile
April 01, 2013, 08:27:59 PM
 #1

n00b here. Can anyone tell me this is a correct and secure way of working with a brain wallet?

1. Create a wallet labelled 'Daily use' on blockchain.info
2. Download a Linux live cd, boot into it and navigate to brainwallet.org and download the page.
3. Disconnect from the Internet and open the downloaded brainwallet.org page
4. Enter a very unique & personal passphrase no one else would ever think of. Copy paste the generated public key to a txt file and store it on the hdd of the pc.
5. Reboot to 'normal' operating system. Navigate to blockchain.info and log in wallet.
6. Go to 'Import/Export' and add a 'read only bitcoin address' and enter the public key from the text file (stored in step 4). Label this wallet as 'Savings'.
7. Do some trading and send a few bitcoins on the 'daily use' account. When the amount of BTC's on the 'daily use' account becomes too big, send some bitcoins to the 'Savings' account.
8. When I want to 'cash out' everything from the savings account: generate the private key again on brainwallet.org (offline in a live cd environment?) and import it in blockchain.info wallet. Then send all bitcoins to mt gox and create a sell order for them

Does this sounds like a plan?
Is it no problem to send different amounts of BTC in different transactions over time to the savings account that was generated with the 'brainwallet.org' website?

Thanks for the help!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511604507
Hero Member
*
Offline Offline

Posts: 1511604507

View Profile Personal Message (Offline)

Ignore
1511604507
Reply with quote  #2

1511604507
Report to moderator
1511604507
Hero Member
*
Offline Offline

Posts: 1511604507

View Profile Personal Message (Offline)

Ignore
1511604507
Reply with quote  #2

1511604507
Report to moderator
1511604507
Hero Member
*
Offline Offline

Posts: 1511604507

View Profile Personal Message (Offline)

Ignore
1511604507
Reply with quote  #2

1511604507
Report to moderator
dayfall
Sr. Member
****
Offline Offline

Activity: 312



View Profile
April 01, 2013, 08:37:31 PM
 #2

That looks good to me.  I would like to know how easy is it to use brainwallet.org/#tx to create transactions without having to expose the private key to the network.  That way you don't have to recreate the brainwallet.
nwbitcoin
Sr. Member
****
Offline Offline

Activity: 294


You are a geek if you are too early to the party!


View Profile WWW
April 01, 2013, 08:41:50 PM
 #3

The danger of a brain wallet is using a phrase that has an element of popular to it.
If it's something someone else has, you could end up sharing wallets!

In theory anyway! Smiley

*Image Removed*
I use Localbitcoins to sell bitcoins for GBP by bank transfer!
oinkie
Newbie
*
Offline Offline

Activity: 8


View Profile
April 01, 2013, 08:50:16 PM
 #4

The danger of a brain wallet is using a phrase that has an element of popular to it.
If it's something someone else has, you could end up sharing wallets!

In theory anyway! Smiley

I realize that, but I think it's not that hard to make your pass phrase that personal so no one else would ever enter that same passphrase.
I wonder how the generation of addresses work anyway. Isn't there a chance that the very same public & private key are generated twice?
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
April 02, 2013, 02:29:14 AM
 #5

The danger of a brain wallet is using a phrase that has an element of popular to it.
If it's something someone else has, you could end up sharing wallets!

In theory anyway! Smiley

I realize that, but I think it's not that hard to make your pass phrase that personal so no one else would ever enter that same passphrase.
I wonder how the generation of addresses work anyway. Isn't there a chance that the very same public & private key are generated twice?

It is unlikely that the same private key will be generated from a different passphrase.  So unlikely that you can consider it practically impossible.

The larger risk is that someone who knows a lot about you might figure out your passphrase if you make it too personal, and someone might accidentally use the same passphrase if you don't make it personal enough.  Truly random is more secure, but it quickly becomes impossible to remember (making it useless as a "brain" wallet).

virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
April 02, 2013, 07:02:15 AM
 #6

Brain-wallet can be easier broken than stored wallet because all attacker can try to knack all brain-wallets in the same time.
To defend yourself against this coordinated attack your pass-phrase should have additionally to your secret password an individual component which is unique for you(for ex. your email address).

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
odolvlobo
Legendary
*
Offline Offline

Activity: 1960



View Profile
April 02, 2013, 07:49:51 AM
 #7

While the risk of someone coming up with the same key is significant, the real danger is that a brain wallet is much easier to crack than a random bitcoin address. A typical desktop computer can generate and check a million keys a second.

For example, some number of people in the world will use obscure phrases from Shakespeare to create their keys. The complete works of Shakespeare consists of about 900,000 words, so there are about 9 million possible phrases of 1 to 10 words. Their money will be stolen in 9 seconds.

Some people will use their home address to generate the key. Assuming that there are maybe 200 million home addresses in the U.S., it will take about three minutes to steal all of their money.

What about a key made from 5 random words? Well, first of all, the words won't be completely random because they must be memorable. Most people will probably chose from a list of less than 1000 words. That's 1,000,000,000,000,000 possible 5-word phrases. That's a huge number, but at 1 million keys per second, the entire list of 5-word phrases can be searched in 31 years by a single computer, or 11 days by a botnet of 1000 computers. If this is how you generate your brain wallet, consider your money stolen.

Buy bitcoins with cash from somebody near you: LocalBitcoins
Join an anti-signature campaign: DannyHamilton's ignore list
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
April 02, 2013, 08:20:43 AM
 #8

Unfortunately there is no secure brain wallet generator at the moment and you need to have a very long pass-phrase.
If you cannot remember the pass-phrase and you must write down then it is not any more a brain wallet.
When somebody would implement a skrypt based brain wallet password creator with generation time above 10 s then it would be a great step and a short password would be enough.
May be the next brain wallet of Casascius will implement it.

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!