Bitcoin Forum
Author Topic: Wallet Encryption - Keyfiles are needed!  (Read 919 times)
bitlotto
June 16, 2011, 04:18:10 AM
 #1

Maybe not as complicated a setup as TrueCrypt, but I think keyfiles are a must for better security. It would make brute forcing a wallet WAY harder if the attacker doesn't know what file(s) you use as keyfiles. Generating a keyfile would be a nice feature too. Bitcoin would have to remind the user, though, that the keyfile must be backed up and kept somewhere safe, for if you lose the keyfile you can't open the wallet.

Anyone else use keyfiles elsewhere?
I don't know the details of how it would be implemented, but couldn't Bitcoin read the disk at random intervals (not too often to notice performance change) and access a file or two just to trick malware? That way, if there is malware, they won't be able to know when the actual keyfile is used.

FreeMoney
June 16, 2011, 11:28:07 AM
 #2

> Maybe not as complicated a setup as TrueCrypt, but I think keyfiles are a must for better security. It would make brute forcing a wallet WAY harder if the attacker doesn't know what file(s) you use as keyfiles. Generating a keyfile would be a nice feature too. Bitcoin would have to remind the user, though, that the keyfile must be backed up and kept somewhere safe, for if you lose the keyfile you can't open the wallet.
>
> Anyone else use keyfiles elsewhere?
> I don't know the details of how it would be implemented, but couldn't Bitcoin read the disk at random intervals (not too often to notice performance change) and access a file or two just to trick malware? That way, if there is malware, they won't be able to know when the actual keyfile is used.


Aren't you going to need to reveal the keyfile at some point? Finding a way to be safe with malware on your computer is not optimal.

bitlotto
June 16, 2011, 12:29:59 PM
 #3

>> Maybe not as complicated a setup as TrueCrypt, but I think keyfiles are a must for better security. It would make brute forcing a wallet WAY harder if the attacker doesn't know what file(s) you use as keyfiles. Generating a keyfile would be a nice feature too. Bitcoin would have to remind the user, though, that the keyfile must be backed up and kept somewhere safe, for if you lose the keyfile you can't open the wallet.
>>
>> Anyone else use keyfiles elsewhere?
>> I don't know the details of how it would be implemented, but couldn't Bitcoin read the disk at random intervals (not too often to notice performance change) and access a file or two just to trick malware? That way, if there is malware, they won't be able to know when the actual keyfile is used.
>
> Aren't you going to need to reveal the keyfile at some point? Finding a way to be safe with malware on your computer is not optimal.

The keyfile is mostly a file to help make your password more secure. A lot of people use crappy passwords. If they used the keyfile it would add lots of random info to the password, so if just the wallet is stolen they won't be able to brute force the password unless they also know the keyfile and have a copy. It's what TrueCrypt can use.

gmaxwell
June 17, 2011, 02:32:15 PM
 #4

> The keyfile is mostly a file to help make your password more secure. A lot of people use crappy passwords. If they used the keyfile it would add lots of random info to the password, so if just the wallet is stolen they won't be able to brute force the password unless they also know the keyfile and have a copy. It's what TrueCrypt can use.

Strengthening probably addresses this better by making the brute force too slow to be effective against all but the dumbest passwords.

It's important to keep in mind that, recent hysteria notwithstanding, the greater risk to most bitcoin users is coin _loss_, not coin theft. Security measures are important, but if they make you more likely to lose your coins or suffer data corruption, then they are probably a net harm to the users overall.

Basic wallet encryption is probably a net gain: widely used, it should immunize the whole community against the creation of collection worms somewhat, though it will cause some people to lose coins that wouldn't otherwise be lost. I doubt this is true for keyfile-boosted encryption. Moreover, if you want that, you can have it externally to Bitcoin.
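
Added example, not part of any post above and not Bitcoin's wallet code: a Python illustration of the two ideas debated in this thread, a passphrase bound to a keyfile and passphrase strengthening. PBKDF2-HMAC-SHA512, the HMAC mixing step, and all names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY_LEN = 32          # 256-bit wallet encryption key (assumed for this example)
ITERATIONS = 25_000   # constructed value; a real wallet would calibrate to the host CPU


def derive_wallet_key(passphrase, salt, iterations=ITERATIONS, keyfile=None):
    """Stretch a passphrase, optionally bound to a keyfile, into a key."""
    secret = passphrase.encode("utf-8")
    if keyfile is not None:
        # Key the HMAC with the keyfile's digest: without the exact file
        # contents an attacker cannot even start guessing passphrases.
        file_key = hashlib.sha256(keyfile).digest()
        secret = hmac.new(file_key, secret, hashlib.sha256).digest()
    # Strengthening: every guess costs `iterations` HMAC-SHA512 invocations.
    return hashlib.pbkdf2_hmac("sha512", secret, salt, iterations, dklen=KEY_LEN)


def make_verifier(key):
    """Value stored next to the wallet so a wrong key is detected on unlock."""
    return hmac.new(key, b"wallet-key-check", hashlib.sha256).digest()


def unlock(passphrase, salt, verifier, keyfile=None, iterations=ITERATIONS):
    """Return the wallet key, or None if passphrase or keyfile is wrong."""
    key = derive_wallet_key(passphrase, salt, iterations, keyfile)
    return key if hmac.compare_digest(make_verifier(key), verifier) else None


def demo():
    salt = os.urandom(16)      # per-wallet random salt
    keyfile = os.urandom(64)   # constructed keyfile contents
    weak = "hunter2"           # constructed weak passphrase
    verifier = make_verifier(derive_wallet_key(weak, salt, keyfile=keyfile))
    damaged = keyfile[:-1] + bytes([keyfile[-1] ^ 1])   # one flipped bit
    return {
        "passphrase_and_keyfile": unlock(weak, salt, verifier, keyfile) is not None,
        "passphrase_only": unlock(weak, salt, verifier) is not None,
        "damaged_keyfile": unlock(weak, salt, verifier, damaged) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The `damaged_keyfile` case is the coin-loss risk raised in the thread: a single flipped bit in the keyfile leaves the wallet key unrecoverable even with the correct passphrase.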
dayfall
June 17, 2011, 02:55:54 PM
 #5

Can't we have passphrase and keyfile both be optional?
willphase
June 17, 2011, 10:16:20 PM
 #6

There's already a pull request adding this... Perhaps discussion should take place in that thread?

 http://forum.bitcoin.org/index.php?topic=8728.0

Will
