Is it safe to email an encrypted wallet to myself?

11

3

I'd like to set up an automated process to email my encrypted wallet to myself, so that if, for instance, my house burns down, I've got easy access to a recent copy of my wallet stored off-site.

I've seen this mentioned in a couple places as a method for backing up a wallet, but none of the more thorough security guides I've read mention this as either a good or bad thing to do.

So, is this a stupidly insecure thing to do, or a reasonable means of keeping a regular automated off-site backup of a wallet?

Jon Garvin

Posted 2012-01-20T03:24:34.317

Reputation: 342

Answers

7

The wallet.dat contains not just encryption keys but addresses as well. If you are using the encrypt feature from the Bitcoin client to encrypt the keys and then mail the wallet to yourself, those keys in the wallet would be secure, assuming you used a strong passphrase and that passphrase is not used elsewhere.

But the transactions in that wallet can be viewed by anyone with access to the backup file.

Stephen Gornick

Posted 2012-01-20T03:24:34.317

Reputation: 26 118

Thanks. So, adding an additional layer of encryption, such as this [ http://snippets.dzone.com/posts/show/341 ], would be beneficial before emailing the (now extra encrypted) file. Except, to make it automated, the script would need to contain the plain text salt that was used for the extra encryption, so if someone got a hold of THAT. <sigh> I guess there is no perfect solution. All options have their pros and cons, both in terms of security and convenience.

Jon Garvin 2012-01-20T16:34:54.527

Create a public/private RSA key pair. Encrypt with the RSA public key before emailing. (You can use gpg to do this.)

David Schwartz 2012-01-21T00:47:59.320

@DavidSchwartz But then where would I securely store the private key to address the original scenario - "so that if, for instance, my house burns down?" Email it to myself? ;-)

Jon Garvin 2012-01-24T02:14:10.370

@JonGarvin You would memorize the pass phrase it was generated from, using a deterministic process so that you could regenerate the key given the passphrase. Alternatively, you would write it on a piece of paper (or print it in barcode) and lock it in a bank vault.

David Schwartz 2012-01-24T02:29:11.013

@DavidSchwartz I was unaware that it is possible to generate keypairs deterministically.

Jon Garvin 2012-01-24T05:06:49.217

The SHA256 hash of any passphrase can be used as a private key with a corresponding public key and Bitcoin address. Note that security requires that an attacker need at least 2^104 guesses to get it and, ideally, 2^128.

David Schwartz 2012-01-24T05:21:13.797
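The deterministic derivation described in the comments above, as an added example that is not part of the original thread: it hashes a passphrase into a secp256k1 private key, computes the matching public point, and works out how many uniformly random words a passphrase needs to reach the 2^104 and 2^128 guess counts. The function names, the sample passphrase and the 7776-word list size (a Diceware-style list) are assumptions.

```python
import hashlib

# secp256k1 domain parameters (the curve Bitcoin uses)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Add two curve points; None stands for the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None                      # a == -b
    if a == b:                           # tangent slope (doubling)
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % P, -1, P) % P
    else:                                # chord slope
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def public_point(priv):
    """Double-and-add scalar multiplication priv*G (not constant time)."""
    result, addend = None, G
    while priv:
        if priv & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        priv >>= 1
    return result

def key_from_passphrase(passphrase):
    """SHA256(passphrase) used directly as the private key, as in the comment."""
    digest = hashlib.sha256(passphrase.encode("utf-8")).digest()
    priv = int.from_bytes(digest, "big")
    if not 1 <= priv < N:                # astronomically unlikely, but invalid
        raise ValueError("hash is not a valid secp256k1 private key")
    return priv, public_point(priv)

def min_words(bits, wordlist_size=7776):
    """Fewest uniformly random words whose guess space reaches 2**bits.
    The default list size is an assumption (Diceware-style list)."""
    k = 1
    while wordlist_size**k < 2**bits:
        k += 1
    return k

if __name__ == "__main__":
    priv, pub = key_from_passphrase("constructed sample passphrase only")
    print(hex(priv), hex(pub[0]), hex(pub[1]))
    print(min_words(104), min_words(128))
```

With a 7776-word list, eight random words give about 2^103.4 guesses, just short of the 2^104 figure, which is why `min_words` returns 9 and 10. A single unsalted SHA256 is cheap to compute per guess, so the guess count is the only thing protecting a key derived this way.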

9

You can trust encryption

If you encrypt anything using a strong key and a strong algorithm (e.g. GPG) then you can be sure that it will be beyond economical reach for anyone for a long time.

So, the general procedure would be

  1. Encrypt wallet.dat with your long and complex passphrase (which you keep safe)
  2. Attach the ciphertext output to your email
  3. Enjoy the free offline backup service

Do not just attach wallet.dat to the email since it will reveal your transaction history and bind your public addresses directly to you thereby removing your anonymity.

Gary Rowe

Posted 2012-01-20T03:24:34.317

Reputation: 7 175

Isn't the wallet.dat the ciphertext output?

Pacerier 2012-06-18T02:24:38.420

Only if you use an encrypted wallet. Not everyone has upgraded. See @Stephen Gornick's answer for more details.

Gary Rowe 2012-06-18T08:53:39.250

5

You can also use hushmail.com for emailing an encrypted wallet file to yourself for backup. It is an added layer of protection and when utilized in this way, it acts as an online wallet accessible anywhere.

matonis

Posted 2012-01-20T03:24:34.317

Reputation: 221

0

Instead of e-mailing it to yourself, why not send it through a cloud service such as Dropbox or Google Drive which connects through SSL by default?

superuser

Posted 2012-01-20T03:24:34.317

Reputation: 387