CIYAM (OP)
Ian Knowles - CIYAM Lead Developer
December 21, 2014, 02:44:07 PM
I have crappy memory so I don't use a brainwallet. Besides, there are much easier ways to keep your money secure. So what's the point?
I guess the point I was trying to make is that although it is a skill (and I like your Parkour analogy) it is still "possible" to create good brainwallets (and I do agree that it is not a common skill and so I do understand not recommending the use of brainwallets for most). Perhaps it is the sort of "nanny state" attitude that was annoying me (so many people trying to suggest you *can't create a secure brainwallet*) so I just wanted to show people here that I actually *have* a secure brainwallet (funds are still there) and I don't think I am some sort of "freak of nature" for being able to create that.

gamerholicdotcom
December 21, 2014, 03:03:20 PM
what means brainwallet?

548845
December 21, 2014, 04:11:46 PM
what means brainwallet?
Not sure if trolling but, it is basically what the word means. A wallet stored in your brain in the form of 12 words passphrase (as usual). You basically create a private key to a wallet using a 12 word passphrase. Remember, 12 words is what is usually used, you can use less or more. I would advise you to use more and like others said, use words not published anywhere before. Use slang if you wish, just make sure it's a word not published anywhere before.
EDIT: here: https://brainwallet.github.io/

Soros Shorts
December 21, 2014, 04:37:58 PM
While both of these statements are somewhat true, neither preclude generation of entropy, and you're ignoring several important facts. Namely, that there is a large number of distinct words/thoughts/things that exist...and while our thoughts may ultimately be deterministic, there is no meaningful way to predict them. Furthermore, we all have unique experiences, memories, and brains, so we will come up with different thoughts. Even our own selves will come up with different thought patterns on different days and there is no way to predict them. Combine that with enough components to a brain wallet phrase, and high entropy is possible.
This is true. I had a brainwallet that was based on a regular expression to capture the words of a childhood pet phrase into non-sequential capture groups, the actual sequence being based on another number that I remember. I happen to be really good at writing regular expressions so I could just bang it away for any given phrase. I would guess that there are very few rainbow tables out there based on this. Of course, I no longer use this, having moved on to a more unique method.

franky1
December 21, 2014, 04:38:03 PM
anyone thinking about using brainwallets i feel that simply typing in 12 words into brainwallet.org is risky. as many people are developing databases of attempted word combinations
for instance: "To improve is to change; to be perfect is to change often." is not unique. and can be predicted within a couple weeks of trying different combinations.
BUT if we were to hash each word first. and then put the result into brainwallet converter.. then it is more secure:
to=663ea1bfffe5038f3f0cf667f14c4257eff52d77ce7f2a218f72e9286616ea39
improve=2b35ed6944dd2e8f7462b14096e8969711280dffe1457a680c885a95127e426c
is=fa51fd49abf67705d6a35d18218c115ff5633aec1f9ebfdc9d5d4956416f57f6
to=663ea1bfffe5038f3f0cf667f14c4257eff52d77ce7f2a218f72e9286616ea39
change;=dc36e8b61c6627435b26da98200d6eb38a9a6feaeaae7392864b0e53e67f4932
to=663ea1bfffe5038f3f0cf667f14c4257eff52d77ce7f2a218f72e9286616ea39
be=46599c5bb5c33101f80cea8438e2228085513dbbb19b2f5ce97bd68494d3344d
perfect=fafe97f7def328bbd4f10779b9625a8aa0bfaa143d7ae64e6f5770e47b51cd1d
is=fa51fd49abf67705d6a35d18218c115ff5633aec1f9ebfdc9d5d4956416f57f6
to=663ea1bfffe5038f3f0cf667f14c4257eff52d77ce7f2a218f72e9286616ea39
change=12ea12eace7d655f471ce55e34f89b1b77a3d9d05a445ca82877dd2235beaa51
often.=b0c347a4cd46f0a96e83fa2b63d8611511c5bb5dc986406e88674b3fb3e54ad3
the entropy alone is at least 10 times longer. yet all you have to do is in your mind remember the 12 words and then use a sha encryptor before pasting the result into a brain wallet converter.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at

CIYAM (OP)
December 21, 2014, 04:45:52 PM
Although I am not going to give out any precise clues as to how I created my own brainwallet clearly words that appear in any dictionary are not what you should use (and hashes of dictionary words are really no better).
If you were going to use hashing then you'd want to use "salt" and "rounds" also (and in any case is not really a "brainwallet" anymore as now you need software to unlock it).
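
The per-word hashing proposal and the "salt" and "rounds" reply above, as an added Python example that is not part of any post in this thread: it derives a key from the same sample phrase three ways and compares how many distinct keys a candidate list maps to and what one guess costs. The salt value, the round count and joining the word hashes with spaces are assumptions.

```python
import hashlib
import time

# Sample phrase from the thread; salt and round count are assumed values.
PHRASE = "To improve is to change; to be perfect is to change often."
SALT = b"user@example.com"  # assumption: any per-user value, need not be secret
ROUNDS = 200_000            # assumption: tune to roughly 0.1-1 s per derivation


def plain_key(phrase: str) -> bytes:
    """Classic brainwallet: a single SHA-256 over the phrase."""
    return hashlib.sha256(phrase.encode()).digest()


def per_word_key(phrase: str) -> bytes:
    """Hash every word, join the hex digests, then hash the result once."""
    hashed = " ".join(hashlib.sha256(w.encode()).hexdigest() for w in phrase.split())
    return hashlib.sha256(hashed.encode()).digest()


def stretched_key(phrase: str, salt: bytes = SALT, rounds: int = ROUNDS) -> bytes:
    """Salted, iterated derivation using PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", phrase.encode(), salt, rounds, dklen=32)


def distinct_keys(derive, candidates) -> int:
    """Number of different keys a candidate list maps to under a derivation."""
    return len({derive(c) for c in candidates})


def seconds_per_guess(derive, phrase: str = PHRASE, repeat: int = 3) -> float:
    """Average wall-clock cost of deriving one key."""
    start = time.perf_counter()
    for _ in range(repeat):
        derive(phrase)
    return (time.perf_counter() - start) / repeat


if __name__ == "__main__":
    # Constructed candidate list: three variants of the same quotation.
    guesses = [PHRASE, PHRASE.lower(), PHRASE.rstrip(".")]
    for name, fn in [("plain", plain_key), ("per-word", per_word_key),
                     ("pbkdf2", stretched_key)]:
        print(f"{name:9s} keys={distinct_keys(fn, guesses)} "
              f"cost={seconds_per_guess(fn):.6f} s/guess")
```

Per-word hashing is a fixed public function, so the candidate count is unchanged and each guess costs only a few more SHA-256 calls; the salted, iterated derivation multiplies the cost of every guess by the round count and makes the same phrase yield different keys under different salts.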

franky1
December 21, 2014, 05:47:06 PM
Although I am not going to give out any precise clues as to how I created my own brainwallet clearly words that appear in any dictionary are not what you should use (and hashes of dictionary words are really no better).
If you were going to use hashing then you'd want to use "salt" and "rounds" also (and in any case is not really a "brainwallet" anymore as now you need software to unlock it).
well you need software / website/ code to unlock a brainwallet of basic phrases too.. but my example was not any software.. i just googled "sha encrypt online" much like people would google brainwallet. so there is nothing special required. but i agree that just hashing a few words is not ideal and that re-hashing and doing other things in between (salt/rounds) before converting to a privkey should be added.

CIYAM (OP)
December 21, 2014, 06:06:07 PM
well you need software / website/ code to unlock a brainwallet of basic phrases too..
True - but the simpler the software the better (in terms of being able to access your funds even when you are on holidays, etc.). And being able to sign a tx without being online is an important feature for security IMO.

franky1
December 21, 2014, 06:50:22 PM
well you need software / website/ code to unlock a brainwallet of basic phrases too..
True - but the simpler the software the better (in terms of being able to access your funds even when you are on holidays, etc.). And being able to sign a tx without being online is an important feature for security IMO.
whatever software/code you use to create a signed TX already includes the reference libraries/functions of SHA.. so it only takes an extra couple lines of code to turn normal dictionary words into hashed words to increase entropy. all of which can be done offline. i only mentioned that anyone can google online sha encrypt in reference to your reply that it requires extra software. all i am generally saying is that a straight 12 word dictionary listed words are not as good as hashing the words.. but i agree that adding salt and going through a few rounds to rehash and rehash it over and over again makes chances of people hacking your key even less of a possibility, whilst also making the user still only required to remember 12 words initially. i'd say with just 10 lines of code added to any brainwallet utility, whether it's a website, java app, or executable, will strengthen the brainwallet risks without making users have to remember more than 12 words

CIYAM (OP)
December 21, 2014, 06:53:11 PM
i'd say with just 10 lines of code added to any brainwallet utility, whether it's a website, java app, or executable, will strengthen the brainwallet risks without making users have to remember more than 12 words
So my guess is that you'd be surprised that my brainwallet requires no such tools and is far less than 12 words (of course there are no dictionary words involved). It was actually created as a test to see if it would have its funds stolen (I am rather surprised the funds are still there after so much time).

BusyBeaverHP
December 21, 2014, 09:50:49 PM Last edit: December 21, 2014, 10:11:17 PM by BusyBeaverHP
I have crappy memory so I don't use a brainwallet. Besides, there are much easier ways to keep your money secure. So what's the point?
The point is that I can cross the border naked and still be worth the private key(s) I control. I understand that the same thing can be achieved with cloud storage and conventional (bitcoin) wallet, but the personal private key generation is a much more elegant solution that bypasses several entities worth of trust compared to conventional wallets.

BusyBeaverHP
December 21, 2014, 10:06:35 PM Last edit: December 21, 2014, 10:35:34 PM by BusyBeaverHP
Most people's brainwallets that failed involved obscure Afrikaans poetry, 1337 substitutions, or some type of wacky human references. Most people don't know how to leverage a hashing algorithm to create an incredible amount of entropy from a simple seed.
With just SHA2, "Bitcoin", and a secret method, for example, a competent person can create a private key with probably as much entropy as SHA2 space allows, thus their brainwallet will be indistinguishable from random noise.
A demonstration:
1. SHA2(Bitcoin) = B4056DF6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4
2. B4056DF6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4 -> 6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4B4056DF
3. SHA2(6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4B4056DF+Bitcoin) = D551322B778D7BA384DF2FDBE0F0A77F4469C03771780B67D664EAE06F9CB97F
4. And so on...
The possibilities are innumerable.
That said, most people shouldn't do brainwallets because most people are not good at math--and more specifically, probabilities.
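
An added example, not BusyBeaverHP's own code, that repeats the hash, rotate and append steps of the demonstration above and counts how many keys a family of such methods can reach from the public seed. Hashing the uppercase hex string as ASCII text and the ranges chosen for the shift and the number of rounds are assumptions.

```python
import hashlib
import math

SEED = "Bitcoin"  # public seed used in the post
# Steps 1 and 2 exactly as posted.
STEP1 = "B4056DF6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4"
STEP2 = "6691F8DC72E56302DDAD345D65FEAD3EAD9299609A826E2344EB63AA4B4056DF"


def sha2_hex(text: str) -> str:
    """SHA-256 of the text as uppercase hex (the text encoding is an assumption)."""
    return hashlib.sha256(text.encode("ascii")).hexdigest().upper()


def rotate_left(hex_str: str, shift: int) -> str:
    """Step 2: move the first `shift` hex characters to the end."""
    return hex_str[shift:] + hex_str[:shift]


def chain(seed: str, shift: int, rounds: int) -> str:
    """Step 1, then `rounds` repetitions of steps 2 and 3."""
    digest = sha2_hex(seed)
    for _ in range(rounds):
        digest = sha2_hex(rotate_left(digest, shift) + seed)
    return digest


def reachable_keys(seed: str, shifts: int = 64, max_rounds: int = 16) -> set:
    """Every key the method family (shift, rounds) can produce from one seed."""
    return {chain(seed, s, r) for s in range(shifts) for r in range(1, max_rounds + 1)}


def ones_fraction(hex_str: str) -> float:
    """Share of 1 bits in the value; close to 0.5 for any SHA-256 output."""
    return bin(int(hex_str, 16)).count("1") / (4 * len(hex_str))


if __name__ == "__main__":
    print("step 2 is step 1 rotated by 7:", rotate_left(STEP1, 7) == STEP2)
    key = chain(SEED, 7, 1)
    keys = reachable_keys(SEED)
    print(f"output looks random: {ones_fraction(key):.3f} of bits set")
    print(f"the secret method contributes {math.log2(len(keys)):.1f} bits, not 256")
```

The output of every chain is statistically uniform, but with a known seed the key is one of only as many values as there are (shift, rounds) choices, so the entropy is that of the method choice rather than of the 256-bit output.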

Beliathon
December 21, 2014, 10:45:54 PM
The brain wallet is a tool with unparalleled security, due to the leverage afforded by truly invisible money, that follows you everywhere.
You can go to any computer (or smartphone) in the world and print money, and no one will know you have satoshi. You can do this with any amount of wealth.

jonald_fyookball
Core dev leaves me neg feedback #abuse #political
December 21, 2014, 10:59:33 PM
The possibilities are innumerable.
Yes. But, so far, I haven't seen a better implementation than Electrum. 12 words, no other fancy steps to remember, computer generated entropy, and 144 bits of security. (Plus it's compatible with the electrum wallet.)

BusyBeaverHP
December 21, 2014, 11:24:40 PM
The possibilities are innumerable.
Yes. But, so far, I haven't seen a better implementation than Electrum. 12 words, no other fancy steps to remember, computer generated entropy, and 144 bits of security. (Plus it's compatible with the electrum wallet.)
I use Electrum as well, and evaluating my possibility of remembering a random set of 12 words in the correct order for the rest of my life, I can't guarantee that and will never attempt such things. 2 of 3 physical distribution of the password is the best I can do. Clustering of relational memory feels a lot more natural to me and will probably last a lifetime. Overall though, I don't believe in single point of failure, be it human memory or wallet format, which is why I use Bitcoin Core, Electrum, Armory, and a bunch of other stuff...

comp14
December 22, 2014, 03:22:43 AM
Thanks @CIYAM for bringing this topic to light.
Brainwallet has its pros and cons, but vulnerability to rainbow tables is not one of its cons. In some cases brainwallet provides the best cold storage method out there in the market (except multisig addresses). I have most of my coins in brainwallet.
You don't need to have a good memory skill in order to set up a secure brainwallet. Here is one technique I use to generate private keys.
1. Get 15 random characters and write them down. I use sha256(of some words I don't even remember), then I took the middle 15 characters of the hash value and wrote them down on a paper and on walls, saved them on my cellphone and on my pc, emailed to myself. I don't consider them secret so I have them everywhere.
2. Choose specific date. (it can be the future)
3. Choose a name. (it can be in any culture)
4. Pick one Special character. (eg =.,?/+*&^%$#@)
5. your lucky number.
6. hash them 3 times.
I don't think this technique requires good memory skills.

jonald_fyookball
December 22, 2014, 03:35:43 AM
not bad but if someone knows your method and finds your secret 15 chars it's not strong

blossbloss
December 22, 2014, 03:47:20 AM
I have read this whole thread with great interest. I am a brainwallet user. In a thread from over a year ago, I learned a lot about the difference between obfuscation and sufficient entropy. Have a look... https://bitcointalk.org/index.php?topic=350789.0
In the end, I decided to stay away from obfuscation. I now use a truly random, very high entropy passphrase. I couple that with a second random and high entropy BIP38 passphrase. My coins are extremely safe.

jonald_fyookball
December 22, 2014, 04:05:59 AM
I have read this whole thread with great interest. I am a brainwallet user. In a thread from over a year ago, I learned a lot about the difference between obfuscation and sufficient entropy. Have a look... https://bitcointalk.org/index.php?topic=350789.0 In the end, I decided to stay away from obfuscation. I now use a truly random, very high entropy passphrase. I couple that with a second random and high entropy BIP38 passphrase. My coins are extremely safe.
Nice. Did you ever figure out the dead man drop? I have my own idea on that one.

blossbloss
December 22, 2014, 04:09:12 AM
I have read this whole thread with great interest. I am a brainwallet user. In a thread from over a year ago, I learned a lot about the difference between obfuscation and sufficient entropy. Have a look... https://bitcointalk.org/index.php?topic=350789.0 In the end, I decided to stay away from obfuscation. I now use a truly random, very high entropy passphrase. I couple that with a second random and high entropy BIP38 passphrase. My coins are extremely safe.
Nice. Did you ever figure out the dead man drop? I have my own idea on that one.
I never did figure out a good dead man drop. I'd love to hear any ideas you are willing to share.