Mini private keys

[Cassius]

There's a page here: https://bitcointalk.org/index.php?topic=103939.0 about generating all-caps private keys for stamping on metal blocks for cold storage (nice idea). A mini private key would be easier, and it would be simple to generate an all-caps mini key. However it would be cryptographically weaker. The question is, how much weaker and would it be weak enough to be a bad idea?

[TurboCoin_XTB]

I think it's security is weaker and it doesn't add much.
A QR-code is easy to implement on paper or metal too, so you can use the full length of a private key.

[Cassius]

Thanks for replying. The security of a mini private key is not appreciably weaker (https://en.bitcoin.it/wiki/Talk:Mini_private_key_format)
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!

[TurboCoin_XTB]

Thanks for replying. The security of a mini private key is not appreciably weaker (https://en.bitcoin.it/wiki/Talk:Mini_private_key_format)
However, it would be weaker with all caps... just not sure how much weaker.
Incidentally, how would you implement a QR code on metal?!

Using a laser.

http://www.clanmedia.com/web/img/engrave2.jpg

[DeboraMeeks]

I too think this isn't a good idea,and the security of addresses and bitcoin is more important. also a QR code can be easily put on those metals and with the wide use of smartphones it might be of the same benefit.

[TurboCoin_XTB]

I too think this isn't a good idea,and the security of addresses and bitcoin is more important. also a QR code can be easily put on those metals and with the wide use of smartphones it might be of the same benefit.

I agree

[Cassius]

Thanks for the thoughts. Nice lasered QR.
From another friend:
"We're after a complexity of 160 bits and our character set would be 32: 24 letters (no I or O) and 8 numbers (no 1 or 0). Entropy is normally given as [password length] * ([log(number of characters)] / log(2)) so putting in 32 as the number of characters, 160 as the answer and rearranging to put password length on the left of the equality we get [minimum password length] = 160 / (log(32) / log(2)) = 32.  Given the first character of the minikey has to be "S" the key is only really 29 characters long so you're three characters short.  Twisting the equation round again, if you want to exceed 160 bits of entropy with a 29 character key your character set needs to consist of at least 46 characters."

In other words, a 30-char uppercase-only key does have significantly decreased security. A 33-char one does not.

[Cassius]

Incidentally, Casascius himself weighs in on this: https://bitcointalk.org/index.php?topic=81838.0
Since there is a 22-character format, the uppercase-only 30-char format is more secure.