Bitcoin Forum
October 18, 2018, 12:07:05 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Should you store BIP38 encrypted private keys online?  (Read 416 times)
lukaexpl
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile
August 28, 2017, 10:21:56 AM
 #1

Assume the following:

1. you created your private keys on an offline computer
2. you encrypted your private keys using BIP38 also offline
3. you used dices and Diceware word list at your table at home to create a strong passphrase
4. you printed your private keys on a printer that was offline

Should you under this scenario still avoid saving your encrypted private keys online?

If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them whereever you might find yourself?)
1539821225
Hero Member
*
Offline Offline

Posts: 1539821225

View Profile Personal Message (Offline)

Ignore
1539821225
Reply with quote  #2

1539821225
Report to moderator
1539821225
Hero Member
*
Offline Offline

Posts: 1539821225

View Profile Personal Message (Offline)

Ignore
1539821225
Reply with quote  #2

1539821225
Report to moderator
1539821225
Hero Member
*
Offline Offline

Posts: 1539821225

View Profile Personal Message (Offline)

Ignore
1539821225
Reply with quote  #2

1539821225
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1539821225
Hero Member
*
Offline Offline

Posts: 1539821225

View Profile Personal Message (Offline)

Ignore
1539821225
Reply with quote  #2

1539821225
Report to moderator
1539821225
Hero Member
*
Offline Offline

Posts: 1539821225

View Profile Personal Message (Offline)

Ignore
1539821225
Reply with quote  #2

1539821225
Report to moderator
ranochigo
Legendary
*
Offline Offline

Activity: 1568
Merit: 1094

Somewhat inactive.


View Profile WWW
August 28, 2017, 12:31:42 PM
 #2

Should you under this scenario still avoid saving your encrypted private keys online?
Not under any circumstances.
If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them whereever you might find yourself?)
The whole idea of the cold wallet is to have it disconnected from the outside world fully. It will not be called a cold storage if its exposed to the internet at any point of time.

In the event that the password generator is somehow flawed or a vulnerability is discovered in whichever client you used to generate the keys in, you will be 100% safe. I don't see much point in generating a paper wallet and then storing it online, you're better off generating a wallet and just storing a backup there.

lukaexpl
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile
August 28, 2017, 01:11:00 PM
 #3

Should you under this scenario still avoid saving your encrypted private keys online?
Not under any circumstances.
If BIP38 is power intensive and bruteforce resistant with even a reasonable password (let alone one Diceware-generated) why should you be worried about scanning your private keys and uploading them to a cloud for example (that way you would have access to them whereever you might find yourself?)
The whole idea of the cold wallet is to have it disconnected from the outside world fully. It will not be called a cold storage if its exposed to the internet at any point of time.

In the event that the password generator is somehow flawed or a vulnerability is discovered in whichever client you used to generate the keys in, you will be 100% safe. I don't see much point in generating a paper wallet and then storing it online, you're better off generating a wallet and just storing a backup there.

I get what you are saying.

The problem that I have with paper wallets is the FACT THAT YOU CANNOT CARRY THEM AROUND IN YOUR HEAD.

Lets say you created your paper wallets offline, printed them offline, laminated them, put them in a waterproof/fireproof envelopes, protected them with strong password, printed them offline multiple times and stored them in a bank vault.
That would be considered pretty safe.

But the problem is that you can not carry that information in your head.
Every time you want to/need to have access to your bitcoin you would need physical access to your encrypted printed paper wallets.

Lets say:
1. you are half way accross the globe
2. the bank does not grant you access to safe
3. the goverment does not grant you access to the location where the safe is

...you are essentially safe from anyone stealing your bitcoins but you are equally unable to spend them yourself.

That is why I thought scanning the paperwallets, encrypting them with some kind of tool (not sure which one) and uploading them as an encrypted file on a cloud/clouds would be cryptographically secure but still accessible to you should you lose physical access to the places where you stored your wallets.

suppersz
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250

There is a day to be born, and another to die


View Profile
August 29, 2017, 01:28:26 PM
 #4

Bruteforcing a private key for an address in basically impossible. Bruteforcing someone's encrypted password is plausible. Especially with leaked passwords and dictionary attacks out there. If you are going to do this, at least put it inside of an encrypted volume of some sort using passwords you have never used before. You are basically sacrificing some security for some convenience. Honestly, if you really wanted to, you could just bury some usb around a few places if you are that worried.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!