Bitcoin Forum
Author Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency  (Read 4245325 times)
aiwe
Legendary
Activity: 980
Merit: 1068
karbo.io
January 03, 2016, 04:54:22 PM
#28641

Once I lost (luckily a small amount of) Bitcoin from an address generated by some paperwallet site using the 'brain wallet' shit option - custom phrase entered. So, seconds after the change from a transaction went to that address, it was withdrawn by some clever bastard, the owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

I'm afraid the human brain is not good at providing an uncrackable one.

Upd.: Shit, it was not small - I could have bought ONE monero for those satoshis. And they were stolen..

MoneroMooo
Legendary
Activity: 1224
Merit: 1001
January 03, 2016, 05:17:57 PM
#28642

Therefore my question: is it safe to use custom entropy?

That's a bit like getting in a plane cockpit in flight, and wondering: is it safe to disable the autopilot?

For some, it will be. For most... it will be down to this:

I'm afraid the human brain is not good at providing an uncrackable one.

dEBRUYNE
Legendary
Activity: 1456
Merit: 1076
January 03, 2016, 05:18:09 PM
#28643

Once I lost (luckily a small amount of) Bitcoin from an address generated by some paperwallet site using the 'brain wallet' shit option - custom phrase entered. So, seconds after the change from a transaction went to that address, it was withdrawn by some clever bastard, the owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

I'm afraid the human brain is not good at providing an uncrackable one.

Upd.: Shit, it was not small - I could have bought ONE monero for those satoshis. And they were stolen..

Generally not, just use the normal one. Custom entropies are risky and should only be used if you know what you are doing.

medusa13
Hero Member
Activity: 710
Merit: 500
hello world
January 03, 2016, 10:31:17 PM
#28644

hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if I try to send funds, I get:

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd> used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed: <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd>

don't know what it is.. is a trx of mine stuck in mempool?


oblox
Legendary
Activity: 1092
Merit: 1018
January 03, 2016, 11:13:11 PM
#28645

hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if I try to send funds, I get:

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd> used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed: <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd>

don't know what it is.. is a trx of mine stuck in mempool?

Doesn't appear to be in a block yet:

http://moneroblocks.eu/search/aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd
smooth
Legendary
Activity: 1834
Merit: 1047
January 03, 2016, 11:40:12 PM
#28646

Once I lost (luckily a small amount of) Bitcoin from an address generated by some paperwallet site using the 'brain wallet' shit option - custom phrase entered. So, seconds after the change from a transaction went to that address, it was withdrawn by some clever bastard, the owner of 1LdUHTEVxWJhrhKfy4H3VuYDnTHQVjsdBn.

Therefore my question: is it safe to use custom entropy?

Given the stated use case above, it should be safe, assuming you trust the manufacturer of the coin and the coin itself has been kept secure from disclosure of the coin ID.

A "strong" password helps a bit, but most of the security comes from the coin ID itself.

Although.... I'd suggest using a slow hash for key stretching, as the simplewallet password does. That all but precludes any useful brute forcing of passwords. I thought that was in the standard for physical coin keys, but maybe not.

binaryFate
Legendary
Activity: 1344
Merit: 1001
Still wild and free
January 03, 2016, 11:46:44 PM
#28647

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.


smooth
Legendary
Activity: 1834
Merit: 1047
January 03, 2016, 11:48:44 PM
#28648

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.
Wolf0
Legendary
Activity: 1834
Merit: 1002
Miner Developer
January 04, 2016, 12:06:20 AM
#28649

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


False - it's possible, most people just don't do it.

binaryFate
Legendary
Activity: 1344
Merit: 1001
Still wild and free
January 04, 2016, 12:15:49 AM
#28650

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


Plain brain wallets don't, and I agree with discouraging anyone from using them.

However, you can produce secure brain wallets with, for instance, a mechanism involving a large number of different hashing functions.
Simple example, assuming my brain wallet is 12MD516SHAparmiggianoIsMySalt. (This is easy to remember if you read that word by word).
I would probably still remember, even after some years, that I have to find the secret key by applying 12 times MD5, 16 times SHA256, to that very password itself.
Code:
# 12 outer rounds of (16 x md5sum, then 1 x sha256sum); each pass feeds the previous "digest  -" output line, trailing "-" included, into the next hash
p="12RIPEMD16SHAparmiggianoIsMySalt" ; for i in `seq 1 12`; do for j in `seq 1 16`; do p=`echo $p | md5sum` ; done; p=`echo $p | sha256sum`; done ; echo "sk = $p" | cut -d ' ' -f 1-3
Ok, maybe I won't remember that I have to use nested loops, but since I created the scheme to start with, I wouldn't give up and would keep fiddling around, testing a few things, and would eventually find my secret key with coins on it.

Not that I encourage anyone to use this; this is simply an example showing that brainwallets can include more entropy than the sole characters they contain. They can include additional entropy due to a particular semantic you attach to them. The idea is to use a semantic that is obvious to you once you read (i.e., remember) the word, but hard enough that nobody can enumerate over it easily. Ideally you create your very own semantic for a handful of critical brain wallets (or for those you create in 2015, or...), and don't disclose your logic to anyone.

Johnny Mnemonic
Hero Member
Activity: 774
Merit: 505
January 04, 2016, 12:17:28 AM
#28651

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


False - it's possible, most people just don't do it.

And the ones who do occasionally forget their passwords, because they go so long without needing to recall it. It's possible but hardly practical.
smooth
Legendary
Activity: 1834
Merit: 1047
January 04, 2016, 12:29:45 AM
#28652

However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.

I doubt it. If enough people start doing that, password brute forcers will do it too, the same way they use combinations of words, phrases, common transformations, etc. All you are doing with these sorts of combinations is adding a relatively small number of entropy bits for the various ways that hash functions can be combined.

Key stretching does work but that relies on the hash function being slow, which is somewhat fragile long term.

Wolf0
Legendary
Activity: 1834
Merit: 1002
Miner Developer
January 04, 2016, 12:31:02 AM
#28653

However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.

I doubt it. If enough people start doing that, password brute forcers will do it too, the same way they use combinations of words, phrases, common transformations, etc. All you are doing with these sorts of combinations is adding a relatively small number of entropy bits for the various ways that hash functions can be combined.

Key stretching does work but that relies on the hash function being slow, which is somewhat fragile long term.



You simply need a good memory. I can remember 25 - 30 completely random ASCII chars if I practice it for a bit. A good enough KDF ensures key derivation is slow - it's perfectly fine; just don't be an idiot.

binaryFate
Legendary
Activity: 1344
Merit: 1001
Still wild and free
January 04, 2016, 12:35:21 AM
#28654

However you can produce secure brain wallets with for instance a mechanism involving a large number of different hashing functions.

I doubt it. If enough people start doing that, password brute forcers will do it too, the same way they use combinations of words, phrases, common transformations, etc. All you are doing with these sorts of combinations is adding a relatively small number of entropy bits for the various ways that hash functions can be combined.

Key stretching does work but that relies on the hash function being slow, which is somewhat fragile long term.



Right, but this is just one example. The point is to have some semantic to apply to your password, that you never disclose. For me a mini computer program could do the trick but for somebody else it could be something else.
But this is not practical or advisable for the masses, I agree.

EDIT: in the example scheme of having N repetitions of hashing functions, it also has the additional personal advantage that I can choose roughly how much time I'll need to get my secret key. (Assuming I don't put my hands on ASICs for all hashing functions involved). So for an important brain wallet I can make it roughly 24h on a typical computer, and be sure I wouldn't spend it drunk.

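An added example (not code from this thread, from simplewallet or from any project named here) in Python, tying together smooth's note on slow-hash key stretching, binaryFate's chained-hash scheme and the "how long should derivation take" edit, and smooth's reply that a secret hash scheme only adds a few bits: the unsalted single-hash brain-wallet derivation beside a stretched one, a calibrator that turns a target derivation time into a KDF cost, and two small calculations of how many bits a secret scheme contributes versus how many the passphrase itself must carry. The passphrase, salt and attacker hash rate are constructed assumptions, and PBKDF2 stands in for whatever KDF a real wallet uses.

```python
import hashlib
import math
import time

# Constructed sample inputs for the demo; not a real wallet secret or salt.
SAMPLE_PASSPHRASE = "parmiggiano is my salt"
SAMPLE_SALT = bytes.fromhex("00112233445566778899aabbccddeeff")


def fast_brainwallet_key(passphrase: str) -> bytes:
    """Classic brain-wallet derivation: one unsalted SHA-256 of the phrase.
    A guess costs the attacker a single hash, and the same phrase always
    maps to the same key, so precomputed tables work across all victims."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def stretched_key(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Key stretching with PBKDF2-HMAC-SHA256 (used here because it ships
    with the standard library; scrypt/Argon2 are the stronger, memory-hard
    choices). Each guess now costs `iterations` hashes instead of one, and
    the salt defeats precomputation."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=32)


def calibrate_iterations(target_seconds: float, probe: int = 20_000) -> int:
    """Pick an iteration count so one derivation takes about `target_seconds`
    on this machine: the 'choose how long it takes' idea, expressed as a KDF
    parameter rather than as nested shell loops."""
    t0 = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"calibration", b"calib-salt", probe, dklen=32)
    per_iteration = (time.perf_counter() - t0) / probe
    return max(1, int(target_seconds / per_iteration))


def scheme_entropy_bits(hash_choices: int, max_repetitions: int, stages: int) -> float:
    """Bits an attacker must additionally search when the 'secret' is which
    of `hash_choices` functions was used at each of `stages` stages, and how
    many times (1..max_repetitions) it was repeated. Even a generous scheme
    space is only a handful of bits, which is the point made above."""
    return stages * (math.log2(hash_choices) + math.log2(max_repetitions))


def passphrase_bits_needed(attacker_hashes_per_second: float,
                           iterations: int, years: float) -> float:
    """Minimum passphrase entropy (bits) so an attacker with the given raw
    hash rate needs at least `years` to exhaust the space when every guess
    costs `iterations` hashes. Stretching contributes exactly log2(iterations)
    bits; everything else has to come from the passphrase itself."""
    guesses_per_second = attacker_hashes_per_second / iterations
    return math.log2(guesses_per_second * years * 365 * 24 * 3600)


if __name__ == "__main__":
    print("single sha256:", fast_brainwallet_key(SAMPLE_PASSPHRASE).hex())
    n = calibrate_iterations(0.25)
    print(f"~0.25 s on this machine = {n} PBKDF2 iterations")
    print("stretched key:", stretched_key(SAMPLE_PASSPHRASE, SAMPLE_SALT, n).hex())
    # 5 hash functions, 1..32 repetitions, two chained stages
    print(f"secret-scheme entropy: {scheme_entropy_bits(5, 32, 2):.1f} bits")
    # Assumed attacker: 10^12 SHA-256/s (GPU/ASIC class), 10-year horizon
    for iters in (1, n):
        bits = passphrase_bits_needed(1e12, iters, 10)
        print(f"iterations={iters:>8}: passphrase needs >= {bits:.1f} bits")
```

Run as a script it prints the two keys and the bit budgets; the gap between the `iterations=1` line and the calibrated one is exactly what stretching buys, and the scheme-entropy line shows why "which hashes, how many times" does not replace passphrase entropy.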
Wolf0
Legendary
Activity: 1834
Merit: 1002
Miner Developer
January 04, 2016, 02:34:35 AM
#28655

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you're going to do that, you might as well just use a paper wallet (which I personally recommend). There is no way you will ever have a strong password that doesn't need to be written down. Brain wallets don't work.


False - it's possible, most people just don't do it.

And the ones who do occasionally forget their passwords, because they go so long without needing to recall it. It's possible but hardly practical.

I don't - I have to reboot around once a week at least. Considering kexec so I can upgrade the kernel without doing so, though.

birr
Hero Member
Activity: 718
Merit: 502
January 04, 2016, 03:13:07 AM
#28656

Everybody's different, but I don't trust myself to remember 100 bits or more of information. Recording a mnemonic effects a massive reduction in the information I need to retain.
iCEBREAKER
Legendary
Activity: 1988
Merit: 1043
Crypto is the separation of Power and State.
January 04, 2016, 07:06:07 AM
#28657

A "strong" password helps a bit but most of the security comes from the coin ID itself.

If you want to be reasonably paranoid, you must assume that between production and shipping, the coin ID is compromised.
I'd personally make sure the entropy of my password is fine by itself.

If you don't use it at the very beginning or end, a compromised coin ID is still useful to salt/stretch something human-memorable, especially if you tweak it a bit.

http://rumkin.com/tools/password/passchk.php

Apparently generating strong pass-phrases is within my skill set.

But (IIRC) brainwallet.org did something silly, which reduced the entropy of even the strongest phrases to a weak maximum?

Oh bother, I really should move those coins to the Trezor.... if they are still there.


in the example scheme of having N repetitions of hashing functions, it also has the additional personal advantage that I can choose roughly how much time I'll need to get my secret key. (Assuming I don't put my hands on ASICs for all hashing functions involved). So for an important brain wallet I can make it roughly 24h on a typical computer, and be sure I wouldn't spend it drunk.

Out-of-band OP_HODL. Now that is sweet!


medusa13
Hero Member
Activity: 710
Merit: 500
hello world
January 04, 2016, 02:54:55 PM
#28658

hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if I try to send funds, I get:

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd> used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed: <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd>

don't know what it is.. is a trx of mine stuck in mempool?

Doesn't appear to be in a block yet:

http://moneroblocks.eu/search/aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd

the trxid is just an example..

the problem is it says that it's already used.. but it's not. I want to empty this wallet but I cannot make any transactions.

sometimes I have success making small trx, but the big part is not movable because of this.

any ideas?

dEBRUYNE
Legendary
Activity: 1456
Merit: 1076
January 04, 2016, 03:00:58 PM
#28659

hi guys, still having some troubles with 0.9.

after deleting .bin, the balance shown in simplewallet is now correct.

but if I try to send funds, I get:

Code:
2016-Jan-03 23:26:54.722493 [RPC1]transaction with hash aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd not found in db
2016-Jan-03 23:26:54.722493 [RPC1]Transaction with id= <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd> used already spent key images
2016-Jan-03 23:26:54.722493 [RPC1]Transaction verification failed: <aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd>

don't know what it is.. is a trx of mine stuck in mempool?

Doesn't appear to be in a block yet:

http://moneroblocks.eu/search/aab282164e86b322823fe99e9595fecce2505d0e322ad4dacfcaa24331f36bbd

the trxid is just an example..

the problem is it says that it's already used.. but it's not. I want to empty this wallet but I cannot make any transactions.

sometimes I have success making small trx, but the big part is not movable because of this.

any ideas?

I suggest contacting MoneroMooo or one of the other core-team members on IRC (#monero at freenode); they will probably be able to help you faster.

dEBRUYNE
Legendary
Activity: 1456
Merit: 1076
January 04, 2016, 03:11:06 PM
#28660

@medusa13, have you tried this already? (Doing both steps!)

It may well be that your wallet's idea of what outputs are spent got out of sync with the blockchain. I believe there is a bug there. One thing you can try that's pretty fast (assuming you're running your own daemon):
- run simplewallet with --trusted-daemon
- in simplewallet, run: rescan_spent

You can also run this in the daemon:
print_pool_sh

If you see your tx, it means it's not being mined. In this case, the likely reason is that it's a double spend caused by the sync problem above.
