DannyHamilton
December 07, 2014, 07:15:19 PM
Again there is still 1 BTC there.
Steal it (oh yes - I forgot - you can't).
There is a vehicle in Alaska right now that is unlocked with the keys in the ignition. Go ahead, steal it. Oh yes, I forgot, you can't. Therefore, it must be completely secure from anyone ever stealing it.

CIYAM (OP)
Ian Knowles - CIYAM Lead Developer
December 07, 2014, 07:15:46 PM
My point is that you can't assume, just because nobody has written the correct software to crack your brainwallet, that nobody ever will. You also can't assume that nobody in the entire world will ever attempt to store their bitcoins using the exact same method as you (completely by coincidence) and stumble upon your bitcoins.
No one is assuming anything other than that. This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.

CIYAM (OP)
December 07, 2014, 07:17:42 PM
Therefore, it must be completely secure from anyone ever stealing it.
Sure - let's just get back to the address I mentioned and the funds - not some imaginary situation.

DannyHamilton
December 07, 2014, 07:19:28 PM
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.
Correct. And the human mind is incapable of useful amounts of entropy. Anything that any person in the world is capable of thinking, someone else in the world can also think. We are deterministic creatures that are limited by our minds. Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.

DannyHamilton
December 07, 2014, 07:20:06 PM
Therefore, it must be completely secure from anyone ever stealing it.
Sure - let's just get back to the address I mentioned and the funds - not some imaginary situation.
Just making a very obvious point about the flaw in your reasoning.

CIYAM (OP)
December 07, 2014, 07:20:46 PM
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.
Well - if no-one can empty my address then how would you explain that? (luck?)

DannyHamilton
December 07, 2014, 07:24:07 PM
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.
Well - if no-one can empty my address then how would you explain that? (luck?)
There is a difference between "nobody can empty my address" and "nobody has emptied my address". Just like there is a difference between "nobody can steal my car" and "nobody has stolen my car". You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.

CIYAM (OP)
December 07, 2014, 07:26:51 PM
You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.
You are really *reaching with this* - so you think that someone has worked out my private key and not taken the funds. Then I'd ask that person to sign a message showing that they have the private key otherwise your post is rather ridiculous.

jonald_fyookball
December 07, 2014, 07:31:25 PM
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.
Correct. And the human mind is incapable of useful amounts of entropy.
This is definitely debatable, and I would personally disagree with this statement. I've already given a method that demonstrates how you can generate high entropy.
Anything that any person in the world is capable of thinking, someone else in the world can also think. We are deterministic creatures that are limited by our minds.
While both of these statements are somewhat true, neither precludes generation of entropy, and you're ignoring several important facts. Namely, that there is a large number of distinct words/thoughts/things that exist...and while our thoughts may ultimately be deterministic, there is no meaningful way to predict them. Furthermore, we all have unique experiences, memories, and brains, so we will come up with different thoughts. Even our own selves will come up with different thought patterns on different days and there is no way to predict them. Combine that with enough components to a brain wallet phrase, and high entropy is possible.

exoton
December 07, 2014, 08:31:22 PM
Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.
Well - if no-one can empty my address then how would you explain that? (luck?)
There is a difference between "nobody can empty my address" and "nobody has emptied my address". Just like there is a difference between "nobody can steal my car" and "nobody has stolen my car". You can't equate the fact that the funds haven't been taken with the concept that the funds can't be taken.
The thing is that in order to steal a car, you need to be physically present while you do not even need to be connected to the internet to crack a brain wallet (you only need a 'somewhat' up to date version of the blockchain). The level of entropy that a brain wallet will use is not enough to keep it secure over the long term. This is especially true as ASICs are being made for scrypt based altcoins, which means that it will eventually be more profitable to re-purpose GPUs to attempt to mine brain wallets (which means more effort will be put into finding a brain wallet). I think that brain wallets may be secure for short term storage under certain circumstances (for example if you are crossing the border and/or going to be going to jail for a short time). I also think the fact that no one has stolen your 1 BTC means that no one has found the private key. It is a known fact that some people "test" their brain wallet with small amounts of bitcoin to see if the money is quickly stolen and if so don't put what they "really" intended to put in it, and as a result people who are farming brain wallets will not always take the balance from a brain wallet just because there is a balance in it.

teukon
December 07, 2014, 08:53:07 PM
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?
A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised. Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this. You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039). Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key. However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.
silver fish kracker utoob the noob with phat boobs.
you can see we're getting into serious entropy already.
I don't see. How much entropy do you have here?

jonald_fyookball
December 07, 2014, 09:17:00 PM
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?
A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised. Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this. You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039). Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key. However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.
silver fish kracker utoob the noob with phat boobs.
you can see we're getting into serious entropy already.
I don't see. How much entropy do you have here?
Very conservatively, that would be about 27 bits of entropy minimum, since you have 4 words. (silver fish kracker utoob). The assumption is there would be a minimum of 100 words people would choose. 100^4 = 100,000,000 combinations. As I mentioned, you would need a 24 word passphrase to generate 160 bits of entropy.

jabo38
December 07, 2014, 10:03:25 PM
I bet nobody gets your Bitcoin.

exoton
December 07, 2014, 10:35:22 PM
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?
A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised. Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this. You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039). Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key. However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.
silver fish kracker utoob the noob with phat boobs.
you can see we're getting into serious entropy already.
I don't see. How much entropy do you have here?
Very conservatively, that would be about 27 bits of entropy minimum, since you have 4 words. (silver fish kracker utoob). The assumption is there would be a minimum of 100 words people would choose. 100^4 = 100,000,000 combinations. As I mentioned, you would need a 24 word passphrase to generate 160 bits of entropy.
I disagree with your assumption. There are roughly 1 million words in the English dictionary. Once a potential attacker knew that a passphrase was going to be exactly 4 English words, then the number of potential combinations would be 1,000,000^4 which is 1 * 10^24. While this may sound like a lot, you need to understand that testing one combination would generally take the same amount of computing power to make one "hash". You also need to understand that "mining" brain wallet addresses is not the same as mining Bitcoin blocks as once you check an address, you will forever know what the private key is to an associated public address.

jonald_fyookball
December 07, 2014, 10:43:02 PM
Does anyone here mind telling me what a Brain wallet is please? Basically you remember your Private key from your Wallet or how does it work exactly?
A brain wallet is a wallet where all the information needed to spend the held bitcoins is memorised. Memorising a private key (or extended private key: BIP-0032) is one simple way of doing this. You might also memorise the essential contents of some service's paper-wallet backup (related reading: BIP-0039). Some people will generate a passphrase themselves and take some 256-bit hash of that passphrase to be used as a private key. However, it is common for people to create insufficient entropy in this process and thereby run the risk of having their bitcoins stolen.
silver fish kracker utoob the noob with phat boobs.
you can see we're getting into serious entropy already.
I don't see. How much entropy do you have here?
Very conservatively, that would be about 27 bits of entropy minimum, since you have 4 words. (silver fish kracker utoob). The assumption is there would be a minimum of 100 words people would choose. 100^4 = 100,000,000 combinations. As I mentioned, you would need a 24 word passphrase to generate 160 bits of entropy.
I disagree with your assumption. There are roughly 1 million words in the English dictionary. Once a potential attacker knew that a passphrase was going to be exactly 4 English words, then the number of potential combinations would be 1,000,000^4 which is 1 * 10^24. While this may sound like a lot, you need to understand that testing one combination would generally take the same amount of computing power to make one "hash". You also need to understand that "mining" brain wallet addresses is not the same as mining Bitcoin blocks as once you check an address, you will forever know what the private key is to an associated public address.
Woah, you are missing the context here. The passphrase isn't supposed to be 4 words. It's supposed to be 24 words. I only gave 4 in a prior post to demonstrate how to get random words. Teukon asked how much entropy those 4 words would have. You can't go off a million words in the dictionary. You go off 100 words (an exaggeratedly SMALL number) to be on the safe side. If brainwallet skeptics say that "oh everyone has the same thoughts", well, assume people would choose the same 100 words over and over and go with that. So, the formula then becomes 100^24 = 160 bits of entropy.

teukon
December 07, 2014, 11:15:10 PM Last edit: December 07, 2014, 11:48:34 PM by teukon
silver fish kracker utoob the noob with phat boobs.
you can see we're getting into serious entropy already.
I don't see. How much entropy do you have here?
Very conservatively, that would be about 27 bits of entropy minimum, since you have 4 words. (silver fish kracker utoob). The assumption is there would be a minimum of 100 words people would choose. 100^4 = 100,000,000 combinations. As I mentioned, you would need a 24 word passphrase to generate 160 bits of entropy.
Ok, I thought you were suggesting that you'd built up quite a bit more entropy than this. While I don't feel you have well-justified* that {a person looks around a room, selects an object, and makes 2 "mental hops"} generates (very conservatively) log_2(100) bits of entropy, I don't doubt that a person conscious of the subtleties of information theory would manage at least this.
(*) The assumption of there being 100 different words is insufficient to justify log_2(100) bits of entropy per word. One also needs to assume that the person would select from these 100 words uniformly (each word as likely as the next) for this. In reality, some words are going to be more common than others (maybe following a Pareto distribution?), hurting the entropy, but I expect this will be made up for by a larger dictionary (400 words should easily do it and even this seems a bit conservative to me).
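The entropy arithmetic from the posts above, as an added example that is not part of the thread: it computes the uniform-choice figures quoted (100^4, 100^24, 1,000,000^4) and shows how a non-uniform word choice lowers entropy per word. The Zipf model with exponent 1 is an assumption standing in for "some words are more common than others", and all function names are hypothetical.

```python
import math

def uniform_bits(vocab_size, words):
    """Entropy in bits of `words` picks, each uniform and independent."""
    return words * math.log2(vocab_size)

def zipf_probs(vocab_size, s=1.0):
    """Constructed skew model: the k-th most popular word has weight 1/k**s."""
    weights = [1.0 / k ** s for k in range(1, vocab_size + 1)]
    total = sum(weights)
    return [w / total for w in weights]

def shannon_bits(probs):
    """Average-case entropy per word for a given word distribution."""
    return -sum(p * math.log2(p) for p in probs if p > 0)

def min_entropy_bits(probs):
    """Worst-case entropy per word: set by the single most likely word."""
    return -math.log2(max(probs))

def words_needed(target_bits, bits_per_word):
    """Whole words required to reach target_bits at a given rate per word."""
    return math.ceil(target_bits / bits_per_word)

def zipf_vocab_matching(bits_per_word, s=1.0, limit=5000):
    """Smallest skewed vocabulary whose Shannon entropy reaches bits_per_word."""
    for n in range(2, limit + 1):
        if shannon_bits(zipf_probs(n, s)) >= bits_per_word:
            return n
    return None

if __name__ == "__main__":
    per_word = math.log2(100)
    skewed = zipf_probs(100)
    print(f"4 uniform words from 100:   {uniform_bits(100, 4):.2f} bits")
    print(f"24 uniform words from 100:  {uniform_bits(100, 24):.2f} bits")
    print(f"4 uniform words from 10^6:  {uniform_bits(10**6, 4):.2f} bits")
    print(f"words for 160 bits, uniform: {words_needed(160, per_word)}")
    print(f"skewed 100 words, Shannon:  {shannon_bits(skewed):.2f} bits/word")
    print(f"skewed 100 words, min-ent.: {min_entropy_bits(skewed):.2f} bits/word")
    print(f"words for 160 bits, skewed: "
          f"{words_needed(160, shannon_bits(skewed))}")
    print(f"skewed vocab matching log2(100): {zipf_vocab_matching(per_word)}")
```

Under this constructed model, 100 skewed words yield roughly 5.3 bits per word on average and under 2.4 bits of min-entropy, so the per-word rate depends on the distribution as well as on the vocabulary size.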

sangaman
December 07, 2014, 11:39:18 PM
This is about entropy - if my passphrase entropy is not good enough then the funds will be stolen.
Correct. And the human mind is incapable of useful amounts of entropy. Anything that any person in the world is capable of thinking, someone else in the world can also think. We are deterministic creatures that are limited by our minds. Clearly nobody has emptied the address yet, but that is a very bad way of determining if something is secure or not.
A brainwallet doesn't have to come entirely out of your own brain's "RNG." There is a lot of info our brain can and does store that is generated externally. I didn't know that anyone thought a secure (both from hacks and memory loss) brainwallet was impossible. I think that's quite clearly not the case. I personally use a brainwallet that is multiple sentences that don't appear anywhere in print or on the web, including words that don't appear in any dictionary, that has no real meaning to any strangers on the internet and which I can't even fathom forgetting. So GL to anyone who wants to crack that. Of course there are still many ways one can go wrong when attempting to use a brainwallet, but it's hardly impossible for it to be done well.

johnyj
December 08, 2014, 12:40:41 AM
Just watched a film "In Time", when people carrying lots of time (the currency of future, embedded in the body like a brain wallet but the balance is visible on arm) walking around, they need to hire some bodyguards.

qxzn
December 20, 2014, 10:11:31 PM
I will say that while I do agree it's possible, why not just use a RNG to help choose dictionary words? If you don't trust computers, dice or cards work great.
The human brain is far more capable than most people seem to give it credit for
I agree completely... Not only on the creation of passphrases, but memory too. Even memorizing a private key isn't THAT hard. It's 64 characters, or 32 pairs (E9, B2, etc). I'm all about erring on the side of caution when it comes to money but come on, it's like people have become mental midgets. If I told you you have to memorize 5 private keys by tomorrow or I'll kill your family, I bet you would be able to do it.
Indeed: http://en.wikipedia.org/wiki/Akira_Haraguchi

hhanh00
December 21, 2014, 02:26:52 PM
You can use anything for a brainwallet. It obviously includes seed words or a long hex string. In theory, a brainwallet has as much security as a random number generator. So why even argue that it's not the case?
@CIYAM, your experiment proves that you are capable of having a good brainwallet. Great - you have good memory and the skills to pick a high security sentence. Unfortunately, that is not the case for most of the other people and that's for them that the recommendation is. I don't recommend jumping from buildings but if you are an expert at Parkour it's easy as walking.
@Danny, I have no idea why you want to prove that any brainwallet is bad. It's easy to prove that they have the same security if used properly.
I have crappy memory so I don't use a brainwallet. Besides, there are much easier ways to keep your money secure. So what's the point?