Bitcoin Forum
November 17, 2024, 11:29:41 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: text encoding and regenerating keys and bitcoin addresses  (Read 3200 times)
kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 16, 2013, 04:32:05 PM
 #1


When you submit a passphrase to a hashing algorithm, your text must first be unencoded to binary form, right?  Then hashed. 
When I use a utility like bitaddress.org or brainwallet.org, for the purpose of decoding the text into a binary form does it see my passphrase as ASCII, UTF-8, or what?
Let's say I create a brainwallet following instructions here:
http://www.reddit.com/r/Bitcoin/comments/1bhffb/how_to_create_and_use_an_offlineonly_wallet/
I memorize or preserve my passphrase, store bitcoins at the address bitaddress.org generated from the passphrase, and leave them there, untouched, for a long time.
Several years from now I decide to retrieve those coins.  How can I be sure I will still be able to regenerate my private key?  Bitaddress.org and bitwallet.org may be gone; and I don't even know how they used text encoding in the first place.  How can I be sure I'll be able use my passphrase to regenerate my private key in the distant future?
Barek
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
November 16, 2013, 04:41:01 PM
 #2

You could backup bitaddress.org.

It's all javascript, so saving the html file is all you need to do.
kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 16, 2013, 05:08:44 PM
 #3

You could backup bitaddress.org.
Yes, I have the file stored, and if I could read code I might be able to look at bitaddress.com's Javascript and see how it handles text unencoding.  Do you know what text encoding/unencoding scheme it works on?
Barek
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
November 16, 2013, 05:13:35 PM
 #4

From https://en.bitcoin.it/wiki/BIP_0038:
Quote
Parameters: passphrase is the passphrase itself encoded in UTF-8.

Brace yourself, I found it rather overwhelming. Smiley
kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 17, 2013, 02:51:49 AM
 #5

Yeah, it's a little over my head.
Like I said, I just want to be able to put funds in a brain wallet and be absolutely sure I can retrieve the funds several years down the road.  It's all my retirement money.
I've been reading through this thread:
https://bitcointalk.org/index.php?topic=43496.0
took several hours just to wade through the first dozen pages or so, but I understood a lot of it.
I came upon something that concerns me in this post:
https://bitcointalk.org/index.php?topic=43496.msg913296#msg913296
"if i only ever send to the non-compressed bitcoin address, then i must import the non-compressed private key to spend them.
That's right."
What would this mean for my future ability to spend if I used bitaddress.org to generate several uncompressed addresses and deposited bitcoins in them?
Barek
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
November 17, 2013, 09:17:40 AM
 #6

Using a brainwallet for something you mean to forget about seems a little risky. Noone plans to get dementia, but it can happen with age.

Wouldn't a paper wallet be a better choice?

You might be worried about printouts to be stolen/lost in fire. Upcoming versions of Armory are planned to support Shamir Secret Sharing, so you could make a 2-out-of-3 paper wallet, meaning you need any 2 printouts to access your coins.

http://bitcoinarmory.com/about/using-our-wallet/
flatfly
Legendary
*
Offline Offline

Activity: 1092
Merit: 1016

760930


View Profile
November 17, 2013, 10:13:22 AM
 #7


When you submit a passphrase to a hashing algorithm, your text must first be unencoded to binary form, right?  Then hashed. 
When I use a utility like bitaddress.org or brainwallet.org, for the purpose of decoding the text into a binary form does it see my passphrase as ASCII, UTF-8, or what?
Let's say I create a brainwallet following instructions here:
http://www.reddit.com/r/Bitcoin/comments/1bhffb/how_to_create_and_use_an_offlineonly_wallet/
I memorize or preserve my passphrase, store bitcoins at the address bitaddress.org generated from the passphrase, and leave them there, untouched, for a long time.
Several years from now I decide to retrieve those coins.  How can I be sure I will still be able to regenerate my private key?  Bitaddress.org and bitwallet.org may be gone; and I don't even know how they used text encoding in the first place.  How can I be sure I'll be able use my passphrase to regenerate my private key in the distant future?

They are just using plain text - for that matter, perhaps it may help you to look at our 30-line neuron/NoBrainr python script (see signature), which does SHA256(passphrase) and produces identical results to both of these websites.
kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 17, 2013, 05:25:24 PM
 #8

Using a brainwallet for something you mean to forget about seems a little risky. Noone plans to get dementia, but it can happen with age.

Wouldn't a paper wallet be a better choice?

You might be worried about printouts to be stolen/lost in fire. Upcoming versions of Armory are planned to support Shamir Secret Sharing, so you could make a 2-out-of-3 paper wallet, meaning you need any 2 printouts to access your coins.

http://bitcoinarmory.com/about/using-our-wallet/
NO, a paper wallet would most emphatically not be a better choice.  And adopting a wallet that requires access to even more pieces of paper is worse.
I am a traveler.  I don't have a home or even a home town.  When it comes time to spend some of my stored bitcoin, I may be in Asia or South America, not sitting on my couch down the street from some bank where I stored a paper wallet in a safe deposit box.
A brain wallet isn't all that different from a paper wallet.  And I don't have to rely on memory alone.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
November 18, 2013, 03:42:45 AM
 #9

Will your bitcoins be useful to you if you are dead? If not, then I suggest something that you always keep with you, like a necklace, or a ring on your finger, or a small card in your physical wallet.

You may be traveling, but you need to be wearing clothes or at least have a little bag with you. It's so easy to hide or stitch something to your underwear or pants or undershirt, or stuck to your passport (which I take it, you guard very well so you won't lose it.)

There are special wallets for this purpose, usually sold to travelers, you hide it under your clothes. For passports, for credit cards, for cash.

Even the bad guys do it. Osama bin Laden stitched a few dollars onto his clothes when they killed him.

Quote
Osama bin Laden had cash totaling 500 Euros and two telephone numbers sewn into his clothing when he was killed.

Some people say use marine stainless steel, plastic, tungsten... For clothes, I suggest you embroider either the passphrase or the private key itself on cloth. Then you stitch that on your clothes or jacket that can hang from your belt. It can even get wet.

Of course, if you can memorize it and not forget, that would be better. I just don't trust my brain that much yet on seldom used information. I memorize my email and passwords even if it is 32 characters long, but that's because I use it every day.

kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 18, 2013, 06:38:56 AM
 #10

There's a better way.  Mnemonics.
I made a passphrase of English words from a list of about 54 thousand words.  Easy enough to do if you concatenate a bunch of scrabble lists, turn them into comma separated files, import them into a spreadsheet; then use random numbers to select a series of words from the list.  For a wordlist of 54k, six words give you about 94 bits of entropy.  If you're lazy you can just use the diceware list, but at only 7776 words you will need a longer passphrase.  Seven words would give you 90 bits of entropy.
Now for the mnemonics part.  Instead of saving the passphrase itself, I'll save something that will remind me of the passphrase. 
I'll email myself a story, just a few sentences long.  Each sentence will be tailored to jog my memory about one of the words.  I'll send this mnemonic to my yahoo and gmail accounts.  I'll probably also keep the passphrase or mnemonic on my person.  Sewing it into my waistband seems like too much trouble.  Probably just write something on a slip of paper and keep in my wallet or passport.
Comments, criticisms, suggestions?
flatfly
Legendary
*
Offline Offline

Activity: 1092
Merit: 1016

760930


View Profile
November 18, 2013, 06:46:09 AM
 #11

There's a better way.  Mnemonics.
I made a passphrase of English words from a list of about 54 thousand words.  Easy enough to do if you concatenate a bunch of scrabble lists, turn them into comma separated files, import them into a spreadsheet; then use random numbers to select a series of words from the list.  For a wordlist of 54k, six words give you about 94 bits of entropy.  If you're lazy you can just use the diceware list, but at only 7776 words you will need a longer passphrase.  Seven words would give you 90 bits of entropy.
Now for the mnemonics part.  Instead of saving the passphrase itself, I'll save something that will remind me of the passphrase. 
I'll email myself a story, just a few sentences long.  Each sentence will be tailored to jog my memory about one of the words.  I'll send this mnemonic to my yahoo and gmail accounts.  I'll probably also keep the passphrase or mnemonic on my person.  Sewing it into my waistband seems like too much trouble.  Probably just write something on a slip of paper and keep in my wallet or passport.
Comments, criticisms, suggestions?

This (diceware style brainwallets) is exactly the approach I recommend.
To make it even easier: check out my signature Wink
kellrobinson (OP)
Sr. Member
****
Offline Offline

Activity: 304
Merit: 380


View Profile
November 18, 2013, 07:43:31 AM
 #12

Considering what's at stake, going to the trouble of doing it from scratch the way I did is well worth it, in my opinion.  I patiently researched the issue.  Then when I understood it well, I did the work.  No shortcuts.  That's how you get something right.

Next I want to use salt or something to generate several different passphrases from the original one (while avoiding an undue increase in the mnemonic load), so I can divide my gelt into small piles for safer storage.  Now how would you go about it?
dserrano5
Legendary
*
Offline Offline

Activity: 1974
Merit: 1029



View Profile
November 18, 2013, 11:25:17 AM
 #13

Of course, if you can memorize it and not forget, that would be better. I just don't trust my brain that much yet on seldom used information. I memorize my email and passwords even if it is 32 characters long, but that's because I use it every day.

Exactly, the trick is using the password everyday. Of course you can't type it in your online computer but you should imagine that you're telling it to someone else or something like that, something that makes you actually recall each and every word in the passphrase.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
November 20, 2013, 04:11:15 AM
 #14

I'll email myself a story, just a few sentences long.
I'll send this mnemonic to my yahoo and gmail accounts.
Comments, criticisms, suggestions?

Don't email it, even to yourself. Just a suggestion.

For the amount of trouble, keeping it on your person is a much better idea. Stitching on your clothes is also a good idea.

Some other ideas: money belts.

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!