I remember reading somewhere, I think it was fluffypony mentioning one could use, for example, words from a letter to a loved one as the seed for a Monero wallet. But from playing with it I realized that it is not possible to enter just any text in the mnemonic seed; it just doesn't accept improperly formed mnemonics, apparently. And even if I had 24 words chosen from the official word list, I would still not know what checksum word to add at the end... (I haven't tried generating a brain wallet in monero-wallet-cli yet, but if there is a way, please let me know.) Is there a way to create one's own mnemonic?
On the other hand, I am assuming that the hexadecimal field does accept anything, since it is the private spend key. So maybe the way to go would be to choose one's own preferred passphrase, take SHA256 of the passphrase and enter it in field 2. Is that how it should be done?
Obviously, one should be very careful choosing such a passphrase, but I am thinking that brain wallets in Monero shouldn't be as dangerous as in Bitcoin simply due to the inherently time-consuming operation of scanning the blockchain and trying to decode every single output for the corresponding stealth address. I am guessing that a decent computer should take at least a few seconds for each brain wallet, so that compiling a huge list of brain wallets and monitoring them is unfeasible. Is this understanding correct?
A brain wallet should always be created offline, preferably on a computer that will never touch the Internet once you decide to use it as a key generator. Make sure any JavaScript you are using can be run offline.
Agree that there is a huge computing penalty for having to scan a blockchain for a given viewkey to identify associated stealth transaction deposits. A full refresh for a new wallet takes on the order of minutes on my computer with the current Monero Blockchain size.
I remember reading somewhere, I think it was fluffypony mentioning one could use, for example, words from a letter to a loved one as the seed for a Monero wallet. But from playing with it I realized that it is not possible to enter just any text in the mnemonic seed;
I don't know what exactly he mentioned, but I'd guess he meant hiding the mnemonic words in a poem created for the sole purpose of it, or something along those lines. Only words from the dictionary can be used, and you can see which those are if you look at the code here. There are exactly 1626 words. I wouldn't consider this approach safe because if anyone assumed you did hide some 25 words in a poem, he could compare the poem against the dictionary and isolate the words that belong to both the poem and the mnemonic dictionary. Then, he'd have a lot less guesswork to do in order to try and brute-force the correct mnemonic.
Regarding the second part of your question, I'd strongly advise against generating a seed by any other means than a good random number generator (or by rolling physical dice, for the extra paranoid - you need 100 rolls to get the 256 bits of entropy). Our brain is horrible at producing true randomness, and hashing a passphrase has reduced entropy. If someone knew the scheme, he doesn't have to try and guess all possible seeds but can limit his guesses to only those that are the result of hashing a passphrase. This is exactly how many people lost bitcoins, by using weak passphrases for brain wallets.
While it is true that checking for a balance takes a while, the point made by PyRulez is an important one. If someone knows your address, he doesn't need to scan the blockchain anymore to verify that he made a correct guess. But yes, just taking random guesses to try and find any address with a balance to loot is way more expensive to do with Monero than with Bitcoin.
Edit: We could say that generating some long enough text with some personal info and then hashing it would be safe enough. Like "I bought my first yacht with Monero. It's 1983m long." where 1983 could be your birth year or something. That's 53 chars and probably not brute-forceable, but now that I've published this idea, anyone could try some number of variations of it and see if he gets lucky.
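The question above asks how the 25th checksum word is chosen, and the answer above gives the rule of thumb of 100 dice rolls for 256 bits. The following is an added example (not Monero's own code and not from either poster) that carries both through: it computes the dice arithmetic, turns the rolls into a 32-byte seed, and encodes that seed as a 25-word Monero-style mnemonic. The encoding follows Monero's scheme as the editor understands it: each 4-byte little-endian chunk becomes three base-1626 indices, and the checksum word is the word selected by CRC32 of the first three letters of each of the 24 words, taken modulo 24. The 1626-entry word list here is a constructed placeholder with unique 3-letter prefixes (the property the real English list has); using the real list from the Monero source tree in its place is the only change needed for real seeds. Condensing the dice digits with SHA-256 is a common practice assumed here, not something the answer prescribes.

```python
import binascii
import hashlib
import math
import struct

WORDLIST_SIZE = 1626   # size of Monero's English mnemonic dictionary
PREFIX_LEN = 3         # English words are unique in their first 3 letters
SEED_BYTES = 32


def dice_entropy_bits(rolls: int, sides: int = 6) -> float:
    """Information in `rolls` fair rolls of a `sides`-sided die."""
    return rolls * math.log2(sides)


def rolls_needed(bits: int, sides: int = 6) -> int:
    """Smallest number of rolls carrying at least `bits` of entropy (256 -> 100)."""
    return math.ceil(bits / math.log2(sides))


def seed_from_dice(rolls: str) -> bytes:
    """Condense a string of dice digits into 32 bytes. SHA-256 does not add
    entropy; it only packs the ~258 bits of 100 rolls into a fixed-size seed."""
    if set(rolls) - set("123456"):
        raise ValueError("rolls must be digits 1..6")
    if len(rolls) < rolls_needed(8 * SEED_BYTES):
        raise ValueError("need at least %d rolls" % rolls_needed(8 * SEED_BYTES))
    return hashlib.sha256(rolls.encode("ascii")).digest()


def constructed_wordlist(n: int = WORDLIST_SIZE) -> list:
    """Placeholder dictionary: 1626 distinct tokens with unique 3-letter prefixes."""
    return [chr(97 + i // 676) + chr(97 + (i // 26) % 26) + chr(97 + i % 26) + "x"
            for i in range(n)]


def checksum_index(words: list, prefix_len: int = PREFIX_LEN) -> int:
    """Which of the 24 words is repeated as word 25: CRC32 of the joined prefixes mod 24."""
    prefixes = "".join(w[:prefix_len] for w in words)
    return binascii.crc32(prefixes.encode("ascii")) % len(words)


def encode_seed(key: bytes, wordlist: list) -> list:
    """32-byte seed -> 24 words (3 per little-endian uint32 chunk) + 1 checksum word."""
    n = len(wordlist)
    if len(key) != SEED_BYTES:
        raise ValueError("seed must be 32 bytes")
    words = []
    for off in range(0, SEED_BYTES, 4):
        x = struct.unpack("<I", key[off:off + 4])[0]
        w1 = x % n
        w2 = ((x // n) + w1) % n
        w3 = ((x // n // n) + w2) % n
        words += [wordlist[w1], wordlist[w2], wordlist[w3]]
    return words + [words[checksum_index(words)]]


def decode_seed(words: list, wordlist: list) -> bytes:
    """Inverse of encode_seed; rejects unknown words and a wrong checksum word."""
    n = len(wordlist)
    if len(words) != 25:
        raise ValueError("expected 25 words")
    body, check = words[:24], words[24]
    index = {w: i for i, w in enumerate(wordlist)}
    if any(w not in index for w in body):
        raise ValueError("word not in dictionary")
    if body[checksum_index(body)] != check:
        raise ValueError("checksum word does not match")
    out = b""
    for off in range(0, 24, 3):
        w1, w2, w3 = (index[w] for w in body[off:off + 3])
        # n**3 > 2**32, so the three base-n digits recover the uint32 exactly
        x = w1 + n * ((w2 - w1) % n) + n * n * ((w3 - w2) % n)
        out += struct.pack("<I", x)
    return out


if __name__ == "__main__":
    # Constructed sample rolls (NOT random; never use these for a real wallet).
    sample_rolls = ("314156" * 17)[:100]
    wl = constructed_wordlist()
    seed = seed_from_dice(sample_rolls)
    mnemonic = encode_seed(seed, wl)
    print("rolls needed for 256 bits:", rolls_needed(256))
    print("entropy in 100 rolls: %.1f bits" % dice_entropy_bits(100))
    print(" ".join(mnemonic))
    assert decode_seed(mnemonic, wl) == seed
```

The decoder's checksum test is why arbitrary prose is rejected by the wallet: every word must be in the dictionary, and the 25th word must be the one the CRC picks out, so only about 1 in 24 otherwise well-formed 25-word strings passes.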
For as much as I am fascinated by the societal and political implications of bitcoin, I must admit that I am equally fascinated by the implications of Brainwallet. Quite simply, a brainwallet, or thoughtcoin, refers to the concept of storing bitcoin in one's own mind by memorization of a special and unpredictable phrase. No, you are not actually storing the bitcoin in your mind but you are storing the access mechanism, or seed, to your stash's private key.
For example, the phrase must be sufficiently long (12 words or more) to resist a brute-force guessing attack, such as "I went seeking freedom, but all the world's islands were already taken." It is further suggested not to use a simple phrase or a phrase taken from existing literature, because it is more likely to be cracked by a computer that systematically attempts all phrases, similar to a dictionary attack. You want a high level of word entropy. Seemingly random modifications of the phrase would aid in strengthening the brainwallet, such as "I went seeking freeeedom, but all the world's issslands were alreaDy taken." These simple changes make the entire phrase very difficult to predict.
Next, the phrase itself without the quotation marks is turned into a 256-bit private key with a hashing or key derivation algorithm. Completing this process turns my secret phrase into the 64-character hexadecimal key shown below (this should be kept secret also):
You are basically creating your own public Bitcoin address by personally determining the private key and that single instance is sufficient for our brainwallet. With larger deterministic wallets, multiple public/private key pairs are generated using a 'root key' derived from a starting seed and a 'chaincode', thus allowing a continual creation of different key pairs based on the same root node. So the final step in our process is to use this hexadecimal key to compute a standard bitcoin address with a utility such as one provided by Casascius or Electrum. Additionally, you can perform this function on bitaddress, a JavaScript client-side bitcoin wallet generator, and even run a stored version locally on an offline computer for security. The testing-only site is Bitcoin Tools. I add the serious disclaimers that hashing/address generation should not be performed online and, although possible, the importation of private keys is not yet standard functionality on most bitcoin clients. Given that, my hexadecimal key computes into the following base58 Bitcoin address:
Now, you are ready to receive bitcoin from anywhere in the world and have the peace of mind that the corresponding private key to unlock, access, and transfer those bitcoin resides solely in your brain. If you forget the phrase or if you die suddenly, the bitcoin is lost and unrecoverable just like if you had burned cash. You can even memorize multiple phrases for multiple accounts, like casual spending and nest egg savings. Why is this so profound?
For starters, it represents the ultimate in mobile money. You have complete financial privacy and asset protection combined with the ability to have those assets fully accessible from anywhere in the world provided there is Internet connectivity or a telephone. You are also protected from theft or confiscation unless a legal jurisdiction can force you to reveal your bitcoin private key that isn't even known to exist. Possible applications include revealing the secret phrase to a loved one for inheritance reasons or even splitting the phrase into segments with each family member possessing a portion of the total phrase. Off-grid transactions are also possible by simply conveying the phrase via voice or encrypted email. It would also be possible to send bitcoin immediately to someone without an existing address because one could easily be created based on a selected phrase.
It may be a while before this practice is commonplace, since most people do not use bitcoin on a regular basis and most of those do not generate deterministic keys holding $1 million. But it sure beats lugging around 17 kilos of gold bullion.
I have read from multiple sources that it might be better to have a password composed of several random words since this is easier to remember than a random sequence of characters. For example this article from Thomas Baekdal. I even see this xkcd comic quite often.
Now, I read this article about a new tool called brainflayer, currently targeting Bitcoin wallets, that can guess 130000 passwords a second. This makes Bitcoin brainwallets useless. I wonder if a similar tool could be used against all passwords, and whether passwords such as "this is fun" are really as safe as Thomas Baekdal claims.
I wrote brainflayer and gave a talk about it at DEFCON. Neither Thomas Baekdal's article nor XKCD's comic apply well to modern offline attacks. I read Thomas's article and his FAQ about it; while it may have been marginally reasonable when he wrote it, it no longer is. A key point is that password cracking attacks have gotten much better since then.
A: Absolutely not! The reason why "this is fun" is 10 times more secure, is simply because it is much longer (11 characters). By removing the spaces, you reduce the length and the complexity substantially. The spaces are effectively special characters, which in itself makes the password much more secure.
Password crackers don't try long brute-force attacks much - it's all about cracking ROI. A smart cracker will try word combinations with various delimiters, so using spaces, hyphens, underscores or nothing all ends up providing about the same security. Today's cracking methods use wordlists - which can include phrases - and large corpuses of previously compromised passwords along with their popularity. This is combined with rule-based permutation and statistical models. Ars Technica posted a great article detailing modern techniques in mid-2013, and attacks only get better.