Applying Basic Math to Secure Your Written Wallet Backups

[cryptosec.info]

One of the hurdles of using open-source wallets is keeping your recovery seed paper secure and out of reach of peering eyes. We've just recently published an article about a solution that could potentially fix this problem, by using very basic elementary mathematics.

You can read the article here: https://cryptosec.info/written-backup-encryption/

Note that in this article/method, we won't require you to buy anything, download anything, submit anything, or send us anything.

Any feedback is appreciated, especially from the experienced users and bitcoin veterans here on Bitcointalk.

Have a great day!

[1715150624]

1715150624

[1715150624]

1715150624

[hatshepsut93]

What is this, lol, a site called "cryptosec" advises people to use this crappy cipher to protect their seed - what a joke! Even Caesar cipher would be better in this case, because an attacker would have to spend a few miliseconds to bruteforce it.

If some newbie is reading it and thinks it's a good idea, this can easily lead to lose of money in the future, because the method proposed is not encryption, it's just a very weak attempt to hide the seed. Do not use any methods you read from random sites on the Internet and do not invent your own schemes, instead research strong cryptography if you want to truly protect your secrets.

[cryptosec.info]

What is this, lol, a site called "cryptosec" advises people to use this crappy cipher to protect their seed - what a joke! Even Caesar cipher would be better in this case, because an attacker would have to spend a few miliseconds to bruteforce it.

If some newbie is reading it and thinks it's a good idea, this can easily lead to lose of money in the future, because the method proposed is not encryption, it's just a very weak attempt to hide the seed. Do not use any methods you read from random sites on the Internet and do not invent your own schemes, instead research strong cryptography if you want to truly protect your secrets.

Hey hatshepsut93!

Not sure if you've misunderstood the article, but with all due respect, it was emphasized very clearly on the article AND this topic title that this method is just to make it a bit more difficult for a person to gain access to your funds if they somehow got access to your written word backup paper; and it was also mentioned that applying such method doesn't make storing your word seed online a good idea(because it never is).

In our opinion, using this very simple method is still better than simply nakedly writing your 12-24 word seed on a piece of paper.

Have a great day!

[hatshepsut93]

In our opinion, using this very simple method is still better than simply nakedly writing your 12-24 word seed on a piece of paper.

Have a great day!

It's not better than writing a seed in plaintext, it's worse, because it creates a false sense of security. We have a horrible problem in crypto ecosystem, because people don't understand the basics of cryptography, the security models, which makes them lose money in the long run - threads about someone getting their coins stolen pop up almost every day. And by advising such bad methods you only contribute to this problem, because instead of learning about proper encryption people will see this childish code and think that it's good enough for protecting their secrets. Maybe it will even inspire them to try to create another similarly bad scheme.

[o_e_l_e_o]

Using this method simply means an attacker has to pick a number, subtract it from your numbers, convert the numbers to words, and try that combination. Not knowing where in the range of 1 - 2048 your words lie, they would need to try every number from the number which makes your smallest number equal 1 to the number which makes your largest number equal 2048. Depending on which words are in your mnemonic phrase, the number of combinations an attacker would need to try is in the range of 1 to 2036. 2036 combinations can be brute-forced in a matter of seconds.

The safest way to protect your mnemonic phrase is to physically store it somewhere it will never be found. If you are absolutely intent on storing it in a way it can't be compromised if an attacker finds it, then you would be better off using something like Shamir's Secret Sharing to create a 2-of-3 back up.

[pooya87]

you should never try to re-invent cryptography methods for "encryption". at the very least when you do that, you should not call it "encryption" because it is not doing that at all.
encryption is the process of encoding an input in a way that nobody can access without having the password. at this day and age with fast computers at everybody's home the method has to be strong so that it could not be brute forced. as o_e_l_e_o pointed out what you are calling "encryption" could easily be brute forced in matter of seconds.

on top of that, in this process you have to remember or write down the number you added or you will forget it in the future. so why not simply encrypt the seed with a password using one of the known encryption methods such as AES and then write down that password?

[Lucius]

cryptosec.info, I see you read my thread in Beginners & Help and that you just changed a little an idea I wrote about. You notice that some members disagree with experiments like this, and I agree that is not any kind of encryption, but just a little camouflage of important information.

Everyone has the free will to protect their confidential information in any way, and I am sure that people come up with all sorts of weird ideas. We can share some of them publicly, maybe someone will find this information interesting or useful, others will just say that it doesn't make much sense.

[hugeblack]

The problem is not where to store your seed but to keep it in a secure environment without exposing it to discovery.
If the paper "on which these numbers are written" is discovered, it is easy to obtain your 12/24 seed words "brute force."
One safe way is to use more sophisticated encryption instead of what you said^[1].
One easy alternative that you can explain is  veracrypt^{[2] [3]} and remember your password

[1] https://www.youtube.com/watch?v=S9JGmA5_unY
[2] https://www.veracrypt.fr/
[3] https://www.youtube.com/watch?v=C25VWAGl7Tw