Bitcoin Forum
February 17, 2020, 03:04:17 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Paper Wallets  (Read 387 times)
TheDigitalMan
Newbie
*
Offline Offline

Activity: 18
Merit: 10


View Profile
September 24, 2019, 07:39:49 PM
 #21

Thanks Hero Member.

RE: "No. If someone was to try swapping every 2 character combination in a 52 digit WIF key, that is only in the region of 1300 possibilities. That could be brute forced in seconds."

I get that trying all the combinations of a 2-Character swap would be fairly easy.  And I'll accept your judgement of it not being a secure method.  But if the person did not know it was a 2 character swap what makes anyone think that they would try all those combinations?

Perhaps not only are the characters swapped but then the entire string is run through a Key Encryption Cypher to change all the characters to something else.

I'll have to give this some more thought.  I'm just trying to think of ways to make the wallet more secure without having to rent out a bank vault.  I don't intend to leave them laying around on the coffee table.  But I also do not want the private key just written out there in plain sight if someone were to find one of my wallets.

The Digital Man

1581951857
Hero Member
*
Offline Offline

Posts: 1581951857

View Profile Personal Message (Offline)

Ignore
1581951857
Reply with quote  #2

1581951857
Report to moderator
1581951857
Hero Member
*
Offline Offline

Posts: 1581951857

View Profile Personal Message (Offline)

Ignore
1581951857
Reply with quote  #2

1581951857
Report to moderator
100% First Deposit Bonus Instant Withdrawals Best Odds 10+ Sports Since 2014 No KYC Asked Play Now
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
o_e_l_e_o
Legendary
*
Offline Offline

Activity: 840
Merit: 3614


Decent


View Profile
September 24, 2019, 07:45:56 PM
 #22

But if the person did not know it was a 2 character swap what makes anyone think that they would try all those combinations?
Nothing in particular. But if someone was snooping around for your private key and found it, but then discovered it was invalid, it would be reasonable for them to assume that the string of characters they had was somehow related to your key. You have to assume they would try brute forcing various combinations, including character swaps, character substitutions, basic substitution and transposition ciphers, and so forth.

If you were to encrypt your key using a secure encryption method, then that would be very secure. However, you are now just moving the problem one step down the line: How and where are you going to securely store your decryption key?

TheDigitalMan
Newbie
*
Offline Offline

Activity: 18
Merit: 10


View Profile
September 24, 2019, 07:57:19 PM
 #23

But if the person did not know it was a 2 character swap what makes anyone think that they would try all those combinations?
Nothing in particular. But if someone was snooping around for your private key and found it, but then discovered it was invalid, it would be reasonable for them to assume that the string of characters they had was somehow related to your key. You have to assume they would try brute forcing various combinations, including character swaps, character substitutions, basic substitution and transposition ciphers, and so forth.

If you were to encrypt your key using a secure encryption method, then that would be very secure. However, you are now just moving the problem one step down the line: How and where are you going to securely store your decryption key?

I hear you.  And I appreciate the feedback and critical thinking.  However, if it is my intention to keep this private key secure then I don't see a problem.  I'm simply looking at adding another thin layer of protection to the secure method in which I intend to store the key in the first place.  Maybe suggesting it would be in my top desk drawer was a misnomer.  I'm going to sleep on this and think some more about it.  I have a trezor but I don't like keeping all my eggs in one basket so I've been thinking about putting some of it into paper wallets. Just trying to think of how to mitigate any weaknesses the paper wallet has.

The Digital Man
pooya87
Legendary
*
Offline Offline

Activity: 1918
Merit: 2341


Remember tonight for it's the beginning of forever


View Profile
September 25, 2019, 03:49:03 AM
 #24

I'll have to give this some more thought.  I'm just trying to think of ways to make the wallet more secure without having to rent out a bank vault.

why are you trying to come up with your own unique way? are you an experienced cryptographer? if not then it is always a better idea to use the already tested encryption methods that have been proposed and are in use such as BIP38 (https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki) the result would look like this:
Code:
6PRWdmoT1ZursVcr5NiD14p5bHrKVGPG7yeEoEeRb8FVaqYSHnZTLEbYsU
and since the encoding is the same Base58 (same characters) you could use crypto-steel to store it. but it will be a lot more secure since it is using strong encryption techniques (AES-256 using a stretched key).

TheDigitalMan
Newbie
*
Offline Offline

Activity: 18
Merit: 10


View Profile
September 25, 2019, 12:30:01 PM
 #25

Thank you Pooya87. 
I consider myself a middle of the road crypto user.  Not a complete expert but certainly not a complete newbie either.
I was not fully aware of the BIP38 method that you gave me a link to.  It does seem like a good solution.  I will read up on it further and experiment with it.
Thanks again for bringing my attention to it.
The Digital Man
HCP
Legendary
*
Offline Offline

Activity: 1246
Merit: 2231

<insert witty quote here>


View Profile
September 29, 2019, 04:13:07 AM
 #26

I consider myself a middle of the road crypto user.  Not a complete expert but certainly not a complete newbie either.
He wasn't saying crypto user, as in someone who uses cryptocurrencies... he was saying "cryptographer"... as in an expert in cryptography:
Quote
Cryptography: the science or study of the techniques of secret writing, especially code and cipher systems, methods, and the like.

Wink

In any case, pooya87's advice is sound... if you want to secure your paper wallet, then there is no point in reinventing the wheel. BIP38 is a tried and proven method to do so. Just make sure that you're not compromising the security of your wallets by using easily guessable password(s)! Tongue

Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!