Extra security for paper wallets

I want to transfer my bitcoin to a paper wallet for long term storage. However, with the risk of fire/theft etc. I'm not comfortable holding it as a paper printout.

So my question (sorry if its too noobie)....why not:

1) create the paper wallet addresses

2) manually write the public and private keys on a piece of paper BUT for the private key, change just one character of the key in a way only I know. For example, increase the 4th character of the key by 1 (so if the 4th character was the number 8, I write it as a 9 on my piece of paper, if it was the capital letter B, I write it as the capital letter C.....you get the idea). So far so good for having a secure paper storage. But what about fire etc...

3) Email the info to my gmail/hotmail account. So I'll always have access to the info as its stored on "the cloud" but is hopefully useless to anyone who hacks my email??

Is there a flaw in my system? Is potentially giving my public address plus 95% of my private key to would-be hackers risky?

Many thanks for your thoughts!

jimmyd

Posted 2018-01-07T18:20:50.773

Reputation: 1

Really appreciate your answers guys! The encryption I suggested was very basic: changing 1 character. In reality I would change multiple (maybe all of them) using various rules. From the hackers eyes, he would try the private key that he hacked and it doesnt work. From there, he has no idea if I've changed 1 or all of the numbers surely? Or is there a "check-sum" as Nate suggested that would tell him easily which digits were incorrect and thus focus his attention on. I cant help thinking that if i change all the digits using a pattern only i know it would be uncrackable? – jimmyd – 2018-01-14T18:51:23.790

Answers

This is extremely risky and not a good idea.

If you just increment one character, there are only about 50 ways to do that. It would be extremely easy for an attacker to just try all 50 possibilities, and they would find your key and steal your coins.

Even if you change one character to a new random character, that's only 50 * 58 = 2900 possibilities. Still very easy. Particularly since the key has a built-in checksum, so that an attacker can tell with high probability whether their guess is correct with a simple computation.

The security of your private key rests in the fact that it is a random one of an extremely large number of candidates. By revealing most of the key, you reduce that number of candidates to a very small number, and lose all your security.

Don't reveal any part of your private key, or save it where attackers could get it. Also, don't try to "encrypt" it with any scheme you come up with by yourself (e.g. a substitution code) - those are also extremely easy to break for any reasonably clever attacker.

Nate Eldredge

Posted 2018-01-07T18:20:50.773

Reputation: 21 420

I agree that you should not do that. You could add that it's a bad idea to send money-related information (like the private key) via email as it's probably not enrypted. – ndsvw – 2018-01-07T20:39:35.560

And what do you think about saving the private keys aes256-encrypted on an other server? (if your house burns, you still have the keys). – ndsvw – 2018-01-07T20:40:24.720

@Alpha: That's fine, but it doesn't completely solve the problem: what do you do with the AES encryption key or passphrase? If you memorize it, you might forget it - and there's a fine line between "complex enough to be secure" and "simple enough to reliably memorize". If you don't memorize it, then you have to store it somewhere, and you're back to the same problem. – Nate Eldredge – 2018-01-07T20:54:09.950

I'm very new to cryptocurrencies, but I will offer my opinion on this question anyway.

You are concerned about physical loss, and therefore want to store your private key in the cloud. In general, it is not advised to do this because your gmail/dropbox/whatever account can be hacked, and someone could find your private key.

Now, you're suggesting that you've encoded it somehow, so this should make it safe. However, in my opinion, what you have is a hacker with your "encrypted" private key, and all the time in the world to brute force attack the public/private key pair.

The way I understand it, the public key is a one-way generated key that comes from your private key. If a hacker has the public key, I imagine you've just handed him everything he needs to hash "typical" ways of encoding data, until he arrives at the correct public key.

My solution to the wallet security problem was to put a Trezor in my fire-proof safe. You could also get a safety deposit box and keep your private key there.

EDIT -- if you're concerned about fire, you can also get something like the CryptoSteel to store your password in a stainless-steel case (with stamped, stainless steel characters), and it will survive a blaze.

Dave

Posted 2018-01-07T18:20:50.773

Reputation: 111

Having the public key does not help an attacker recover the private key, to any significant extent. What matters is that they have most of the private key. "Hashing" doesn't have anything to do with this situation. – Nate Eldredge – 2018-01-07T19:02:38.523

Thanks, Nate. So is it not true that the private key is put through a one-way function to arrive at a public key? Also, if the private key is "encrypted", so to speak, the attacker doesn't really have most of the private key, does he? – Dave – 2018-01-07T19:18:40.790

"is it not true that the private key is put through a one-way function to arrive at a public key?" That is true in a sense, but since it is one-way, having the public key doesn't help you recover the private key. – Nate Eldredge – 2018-01-07T19:32:45.743

Yes, the private key here is "encrypted" in a sense, but the encryption is so very weak that the attacker really does have practically all of it, in the sense that only a trivial amount of work is needed to recover the original key from its "encrypted" form. – Nate Eldredge – 2018-01-07T19:33:18.237