|
cuddaloreappu (OP)
|
 |
June 25, 2014, 04:32:37 PM |
|
I want to encrypt the private key, but which method is best, time-tested and easy to encrypt such a using passphrase.
Is pgp good or bip38 best?
where should i download a PGP encrypt and how do i encrypt?
please help
|
|
|
|
|
|
Dare
|
|
June 25, 2014, 07:26:22 PM |
|
I want to encrypt the private key, but which method is best, time-tested and easy to encrypt such a using passphrase.
Is pgp good or bip38 best?
where should i download a PGP encrypt and how do i encrypt?
please help
From my experience, bip38 is pretty secure, as long as you use a long and complex enough passphrase. If you use a few unicode characters, it's nearly unbreakable at this point; there's currently a challenge going on on Reddit that's been around a few months for crack a bip38 wallet encrypted with a few unicode characters (not stated, but all of ASCII has been bruteforced already), despite the prize being around 1BTC. I've seen PGP around enough that I believe it's secure, but I don't currently use it so I can't say for sure. |
|
|
|
DannyHamilton
Legendary
 Offline
Activity: 3486
Merit: 4832
|
|
June 25, 2014, 08:20:00 PM |
|
all of ASCII has been bruteforced already
 What are you talking about? |
|
|
|
|
|
Dare
|
|
June 25, 2014, 08:51:26 PM |
|
all of ASCII has been bruteforced already
What are you talking about? For the specific wallet posted for the Reddit challenge the sentence is about. Most people gave up after finishing the ASCII set, because it took several weeks and the Unicode keyspace was too large to search in a reasonable amount of time. The only clue for the challenge was the the passphrase was four characters, and the creator of the wallet didn't state that it included Unicode. |
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4832
|
|
June 25, 2014, 08:55:55 PM |
|
all of ASCII has been bruteforced already
What are you talking about? For the specific wallet posted for the Reddit challenge the sentence is about. Most people gave up after finishing the ASCII set, because it took several weeks and the Unicode keyspace was too large to search in a reasonable amount of time. The only clue for the challenge was the the passphrase was four characters, and the creator of the wallet didn't state that it included Unicode. Ah, ok. So in the reddit challenge, the exact number of characters in the password are publicly known? |
|
|
|
|
TookDk
Legendary
Offline
Activity: 1960
Merit: 1062
One coin to rule them all
|
|
June 25, 2014, 09:03:29 PM |
|
I want to encrypt the private key, but which method is best, time-tested and easy to encrypt such a using passphrase.
Is pgp good or bip38 best?
where should i download a PGP encrypt and how do i encrypt?
please help
TrueCrypt is a good place to start. It is fairly easy to use and there is good documentation to get started. You can make a file-container for your secret key and encrypt it with AES-256 bit. You can also encrypt an entire drive, e.g. a USB drive. |
Cryptography is one of the few things you can truly trust.
|
|
|
|
Dare
|
|
June 25, 2014, 09:04:39 PM |
|
all of ASCII has been bruteforced already
What are you talking about? For the specific wallet posted for the Reddit challenge the sentence is about. Most people gave up after finishing the ASCII set, because it took several weeks and the Unicode keyspace was too large to search in a reasonable amount of time. The only clue for the challenge was the the passphrase was four characters, and the creator of the wallet didn't state that it included Unicode. Ah, ok. So in the reddit challenge, the exact number of characters in the password are publicly known? Correct, the contest was created to see how long it would take to crack. As of today, the bounty is still unclaimed. Here's the link to it, if you're interested: http://www.reddit.com/r/Bitcoin/comments/1zkcya/lets_see_how_long_it_takes_to_crack_a_4_digit/ (I know it says digit in the title, the poster quickly clarified that it was a mistake and that it's 4 characters) |
|
|
|
|
rapsaodan84
|
|
June 25, 2014, 09:12:00 PM |
|
I consider PGP safer if the private certificate has a password. It's kind of 2 factor (certificate file + password).
But BIP is easier to use. I'd recommend PGP if you plan to store for a long time, otherwise BIP.
|
|
|
|
|
|
cuddaloreappu (OP)
|
|
June 26, 2014, 01:24:12 AM |
|
thanks for all your kind replies
|
|
|
|
|
BTCINVESTOR
Full Member
Offline
Activity: 176
Merit: 101
Cryptographic money will be the bedrock in time.
|
|
July 02, 2014, 12:13:23 AM |
|
PGP
|
Math based currencies will supplant all sovereign currencies over time. Buy them now.
|
|
|
-ck
Legendary
Offline
Activity: 4284
Merit: 1645
Ruu \o/
|
|
July 03, 2014, 06:57:49 AM |
|
I use lrzip, but then I wrote it so I'm biased.
|
Developer/maintainer for cgminer, ckpool/ckproxy, and the -ck kernel
2% Fee Solo mining at solo.ckpool.org
-ck
|
|
|
|
Bernard Lerring
|
|
July 05, 2014, 04:40:13 AM |
|
If you encrypt your private key using PGP then you put yourself in a position where you have to store an extra file securely: your PGP key.
So now you have a Bitcoin key and a PGP key that must be hidden.
If you use BIP then you rely on blockchain.info staying compliant with current BIP standard in X amount of years time (and not being hacked/going out of business).
Why complicate things? Just put your (unencrypted) keys on pieces of paper somewhere that they are least likely to be found. Keep an exact copy in a loved ones house and if either of you gets burgled get your keys out ASAP and quickly move all funds to a new, temporary wallet.
|
|
|
|
|
|
