Best wallet for Security + Offline Transactions

[BlueTopaz]

Hey guys, please suggest which is the best wallet for bitcoin and litecoin in terms of security.
please suggest for offline transaction ability as well.

Thanks.

[1715066953]

1715066953

[1715066953]

1715066953

[ranochigo]

Bitcoin Core would definitely be the one with the most features and have no privacy compromises when you are talking about having a wallet. Bitcoin Core allows users to transmit transactions offline by offering the feature to sign transactions offline in the console. That being said, it isn't easy to create offline transactions and sign them.

Armory is the solution to this. Armory basically relies on Bitcoind, similar to Bitcoin Core, to synchronize with the network and make transactions. This is ideally a great setup to use.

However, you can also use Electrum and they also have the feature to create a raw unsigned transaction on the online computer sign it on an offline computer. Electrum is more lightweight but it does not offer great privacy nor wallet file security.*

*It is definitely strong but when comparing with Bitcoin Core: https://imgur.com/b59utxl

[Coding Enthusiast]

Electrum is more lightweight but it does not offer ♯♯ wallet file security.

This part is not right. Electrum uses AES-256-CBC which is, to my knowledge, a pretty strong way of encrypting the wallet file for security.

[Sosaso75]

Electrum is more lightweight but it does not offer ♯♯ wallet file security.

This part is not right. Electrum uses AES-256-CBC which is, to my knowledge, a pretty strong way of encrypting the wallet file for security.

I agree with this user.

[Coin-Keeper]

A chain is only as strong as the weakest link.  The software products mentioned are all strong running on a clean "non-malware" machine.  I have been teaching security for some time now and the weak link is usually a "dirty" machine caused many times by ongoing operator error with their OPSec.  A good counter measure is to picture your machine "dirty" and ask if that would enable a bad actor to steal your coins?  We are currently participating in the Electrum forum so lets stay here and consider two solutions.  1.  Use Electrum with cold storage where an offline computer holds the private keys and no access is available to the online "dirty" machine.  2. Use Electrum with a hardware wallet on an online machine.  A decent hardware wallet doesn't even allow Electrum to see the private keys so "malware" will never get the needed keys to move coins.  Beyond doubt nobody wants to knowingly operate a "malware infected" machine.  The subject of how to remove malware and prevent it in the first place is another thread.

[f___o]

Electrum is more lightweight but it does not offer ♯♯ wallet file security.

This part is not right. Electrum uses AES-256-CBC which is, to my knowledge, a pretty strong way of encrypting the wallet file for security.

I agree with this user.

He is wrong. AES-256-CBC is used in many wallets. So no difference between them. Look at multibit hd beta 0.5 any why it is early. It uses AES-256-CBC and scrypt for key-stretching. Electrum uses SHA256d for key-stretching, same as mining. In this picture you can see brute force attacks with a normal computer. All the wallets use AES-256-CBC. The question is about offline computer. Is encryption important when offline?

https://imgur.com/b59utxl (if it does not load, click)

[Coding Enthusiast]

Electrum is more lightweight but it does not offer ♯♯ wallet file security.

This part is not right. Electrum uses AES-256-CBC which is, to my knowledge, a pretty strong way of encrypting the wallet file for security.

I agree with this user.

He is wrong. AES-256-CBC is used in many wallets. So no difference between them. Look at multibit hd beta 0.5 any why it is early. It uses AES-256-CBC and scrypt for key-stretching. Electrum uses SHA256d for key-stretching, same as mining. In this picture you can see brute force attacks with a normal computer. All the wallets use AES-256-CBC. The question is about offline computer. Is encryption important when offline?

(if it does not load, click)

Then what is your explanation for this: http://docs.electrum.org/en/latest/faq.html#what-encryption-is-used-for-wallets
I will add the link to code on GitHub if I can find it since I am bad at python.

Also the picture you have included here is out of context and does not say anything.
What is this result of?
Is it result of brute forcing encrypted wallet files?
How old is this?
How strong or weak was the passwords which were used? (the length of the password for example was it "123" or was it "2Fd#4dlR&jfh8"?
How many tests were performed on how many variations of passwords?

[ranochigo]

Then what is your explanation for this: http://docs.electrum.org/en/latest/faq.html#what-encryption-is-used-for-wallets
I will add the link to code on GitHub if I can find it since I am bad at python.

Also the picture you have included here is out of context and does not say anything.
What is this result of?
Is it result of brute forcing encrypted wallet files?

I came across this several days ago and hence I made my statement. Bitcoin Core does have a more advanced encryption [1] and more than AES-256-CBC.

How old is this?

Probably fairly new, it was uploaded on Aug 1 anyway and it has appeared on the forum quite sometime ago.

How strong or weak was the passwords which were used? (the length of the password for example was it "123" or was it "2Fd#4dlR&jfh8"?

Doesn't really matter. The results showed the number of keys tested per second and not the time it takes to crack them.

Although I have to agree that Electrum is quite secure, I have to say that Bitcoin Core, Multibit etc is harder to bruteforce as compared to Electrum. It wouldn't be a problem if you're using a long and strong password. It is a problem if you are making a cold storage and someone else have access to your encrypted wallet files anyway.



[1] https://en.bitcoin.it/wiki/Wallet_encryption

[f___o]

Electrum is more lightweight but it does not offer ♯♯ wallet file security.

This part is not right. Electrum uses AES-256-CBC which is, to my knowledge, a pretty strong way of encrypting the wallet file for security.

I agree with this user.

He is wrong. AES-256-CBC is used in many wallets. So no difference between them. Look at multibit hd beta 0.5 any why it is early. It uses AES-256-CBC and scrypt for key-stretching. Electrum uses SHA256d for key-stretching, same as mining. In this picture you can see brute force attacks with a normal computer. All the wallets use AES-256-CBC. The question is about offline computer. Is encryption important when offline?

https://imgur.com/b59utxl (if it does not load, click)

Then what is your explanation for this: http://docs.electrum.org/en/latest/faq.html#what-encryption-is-used-for-wallets
I will add the link to code on GitHub if I can find it since I am bad at python.

Also the picture you have included here is out of context and does not say anything.
What is this result of?
Is it result of brute forcing encrypted wallet files?
How old is this?
How strong or weak was the passwords which were used? (the length of the password for example was it "123" or was it "2Fd#4dlR&jfh8"?
How many tests were performed on how many variations of passwords?

The graph shows brute force attack on wallets. The numbers are passwords/s. It is from my research 2 month ago. All wallets you see use AES-256-CBC. That is not important. If your password is strong, brute force is not working. With electrum you must have a strong password, with others not so much. I will show you in source if it helps.

Here is defined Hash(x), here it is used as secret for encryption. This is normal and called key-stretching or key derivation function. It is used because a password does not have the correct bits.

Now we look at bitcoin core. Here is encryption and look here is benchmark to help find a good number of sha512 rounds. In my research the wallets used 128675 to 240718 rounds. Think what would take longer 128000 rounds sha512 or two rounds sha256. AES is the same for all, it does not matter.

And question again, why is the password and key-stretching important if the computer is offline? Offline computer can have simple or no password.