gravitate (OP)
Legendary
 Offline
Activity: 1372
Merit: 1000
|
 |
September 17, 2013, 11:17:27 AM |
|
I want to get a piece of metal engraved with my public address and private key. Basically my public address will be shown and the private key will be fully written yet have some characters capitalised/ decapitalised and some numbers that are slightly different.
In toltal for one full private key generated from bitaddress.org the private key was changed by capitalising 3 letters, decapitalising 2 and changing 1 of the numbers.
So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Thanks
|
To peel or not to peel.
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4653
|
|
September 17, 2013, 01:04:56 PM |
|
You've posted this question in multiple places. I've already answered it in your other post: https://bitcointalk.org/index.php?topic=291513.msg3172909#msg3172909If the engraver is aware of your obfuscation system, then there is a significant risk (perhaps they are reading this forum right now?)
Even if they aren't aware, there is a bit of a risk that they could decide to run a program that iterates over various combinations of substitution. I haven't done the math, but you are essentially changing only 9 bits of information in an otherwise known 256 bit number.
|
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1078
Ian Knowles - CIYAM Lead Developer
|
|
September 17, 2013, 01:11:03 PM |
|
If you're not going to encrypt then why not at least divide the private key into (2 or 3) parts and get them engraved separately (each at a different engraver)?
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 17, 2013, 01:19:18 PM |
|
Yes maybe I might do that. Thank you
|
To peel or not to peel.
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 17, 2013, 01:20:02 PM |
|
But then the last engraver will know it all lol. Anyway I am going to change it a bit. Thankyou
|
To peel or not to peel.
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1078
Ian Knowles - CIYAM Lead Developer
|
|
September 17, 2013, 01:21:54 PM |
|
But then the last engraver will know it all lol. Anyway I am going to change it a bit. Thankyou
The last engraver would only know the last part of the private key (i.e. you'd end up with 2 or 3 separate engravings for your private key). Although not as good as an encrypted private key provided that the engravers aren't ever likely to be able to collude you should be fine (using engravers from different cities or better yet different countries would vastly reduce any chance of collusion). |
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 17, 2013, 01:31:07 PM |
|
How do you encrypt it though?
|
To peel or not to peel.
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4653
|
|
September 17, 2013, 01:34:51 PM |
|
How do you encrypt it though?
https://bitcointalk.org/index.php?topic=291513.msg3173226#msg3173226I'd generate a random 256 bit number, perform an XOR between the random 256 bit number and the bitcoin address, then encode both the random number and the result of the XOR in something like base58. Next I'd have two different engravers engrave two separate items, each engraving one of the two encoded strings.
To redeem, you'd perform a bitwise XOR between the values represented on the two engraved items, and import the result as a private key.
In reality, this is all more effort and risk than I'd prefer. I wouldn't use an engraver at all, and would find some other method of long term storage that doesn't require me to reveal my address or encoded private key to another person. If you've got your mind set on involving untrusted people to assist, then I'd want to introduce a significant amount of unpredictable modification to the value that you are sharing.
|
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1078
Ian Knowles - CIYAM Lead Developer
|
|
September 17, 2013, 01:50:20 PM |
|
The approach that I use for encrypting is PGP/GPG and then turn the encrypted private key into a QR code (which you could safely get engraved assuming your PGP/GPG password is secure).
|
|
|
|
jl2012
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
September 17, 2013, 05:05:34 PM |
|
So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Yes, absolutely. So forget it |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
rafsoaken
|
|
September 17, 2013, 07:56:49 PM |
|
You can use gpg, gpg --armor --symmetric --cipher-algo AES256 file_with_private_key That encrypts your private key with a passphrase you give it (file_with_private_key.asc). The armor option makes it output in ascii (you end thus up with printable characters). You can give that output without worries to an engraver (be sure though to have a completely randomized password at least 20 characters long!) Decrypt with: gpg -o filename -d file_with_private_key.asc Of course you might want to engrave the passphrase with a different engraver,  |
|
|
|
|
|
pedrog
Legendary
Offline
Activity: 2786
Merit: 1031
|
|
September 18, 2013, 10:09:31 PM |
|
|
|
|
|
gravitate (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
September 19, 2013, 07:11:26 AM |
|
thanks for all the replies I have forgotton this idea and used my friends engraving machine and done it myself. only problem is it isn't a laser machine so doesn't look as good  |
To peel or not to peel.
|
|
|
|
