11
3
I'd like to setup an automated process to email my encrypted wallet to myself, so that if, for instance, my house burns down, I've got easy access to a recent copy of my wallet stored off-site.
I've seen this mentioned in a couple places as a method for backing up a wallet, but none of the more thorough security guides I've read mention this as either a good or bad thing to do.
So, is this a stupidly insecure thing to do, or a reasonable means of keeping a regular automated off-site backup of a wallet?
Thanks. So, adding an additional layer of encryption, such as like this [ http://snippets.dzone.com/posts/show/341 ], would be beneficial before emailing the (now extra encrypted) file. Except, to make it automated, the script would need to contain the plain text salt that was used for the extra encryption, so if someone got a hold of THAT. <sigh> I guess there is no perfect solution. All options have their pro's and cons, both in terms of security and convenience.
– Jon Garvin – 2012-01-20T16:34:54.5271Create a public/private RSA key pair. Encrypt with the RSA public key before emailing. (You can use
gpgto do this.) – David Schwartz – 2012-01-21T00:47:59.320@DavidSchwartz But then where would I securely store the private key to address the original scenario - "so that if, for instance, my house burns down?" Email it to myself? ;-) – Jon Garvin – 2012-01-24T02:14:10.370
1@JonGarvin You would memorize the pass phrase it was generated from, using a deterministic process so that you could regenerate the key given the passphrase. Alternatively, you would write it on a piece of paper (or print it in barcode) and lock it in a bank vault. – David Schwartz – 2012-01-24T02:29:11.013
@DavidSchwartz I was unaware that it is possible to generate keypairs deterministically. – Jon Garvin – 2012-01-24T05:06:49.217
The SHA256 hash of any passphrase can be used as a private key with a corresponding public key and Bitcoin address. Note that security requires that an attacker need at least 2^104 guesses to get it and, ideally, 2^128. – David Schwartz – 2012-01-24T05:21:13.797