This is actually a long-awaited article, which expounds on my personal views on brainwallets. Although the original author shut down brainwallet.org for security reasons, I believe that brainwallets have their significance and research value. In the previous article, the security of brainwallets was analyzed in principle. This article will share some "feasible" brainwallet generation schemes. First of all, thank you readers for your support for the first two articles. This article contains a few small easter eggs for readers, and everyone is welcome to explore.

Brainwallet.org is dead, but brainwallets live forever III: Try it

Military regulations for using brain wallets

After talking about so much in the previous two articles, it’s time to start using brain wallets in practice. Before going out, it is necessary to review the military rules for safe use of brain wallets:

"The essence of safety is to always remember that nothing is absolutely safe."

- @imcoddy

Security is a topic that will never end when discussed. If you have read the previous two articles carefully, you should have clearly understood the above point by now.

Although absolute security is not available, for most people, relative security is sufficient in many cases. Since Brainwallet.org does not have a big problem in principle, if you want to use it to use the brain wallet and enjoy the convenience it brings, then the question becomes this: how to construct a unique input?

The following personal experiences of the author may give you some inspiration.

"Correct" posture

To use the brain wallet "correctly", the following personal experience is a good reference:

1. Increase the length of the input

First, let's take a quiz. Which of the following two phrases would be more secure when used as a brain wallet?

1. D0g!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

2. PrXyc.N(n4k77#L!eVdAfp9

The trick here is easy to see if it is displayed in a monospaced font. The former is a simple deformation of the English word "dog" plus 30 exclamation points, while the latter is a 23-character gibberish that most people cannot remember. Although the former is long but easy to remember for humans, for computers, the two are just strings of different lengths. And the time required to construct the same string by exhaustive enumeration will increase exponentially with the increase in length.

But after so many years of website registration and login education, many people have become accustomed to setting passwords to no more than 16 characters in length, and some people even use pure numbers of no more than ten characters as passwords. This is the most common mistake made by novices using brain wallets. If you say that the website password cannot exceed 16 characters, it is understandable (in fact, this is also because this website is too lazy, and all websites that store user passwords in plain text are rogue. A more reasonable approach is to hash the user's password and then save the hash value. After doing this, all passwords are finally stored in a fixed length, and there is no need to limit the user's input length), but for a tool like a brain wallet that can input unlimited characters, just entering a dozen letters and using it is tantamount to handing over the coins inside.

Therefore, instead of thinking hard to construct a complex password with a limited length, it is better to think of a long sentence that others find difficult to think of. As an aside, if you reverse the above process, you can actually generate a good password through a long sentence that is easy to remember. This is exactly the principle of PassworK that I wrote a while ago. The forum discussion post of this tool is here. Interested students are welcome to watch.

2. Expand the input character set

It can be said that most attacks on brain wallets are now based on ASCII codes. On the one hand, this is because when brain wallets appeared, foreign language materials were scarce and the active players were basically English players; on the other hand, compared with the ASCII code character set that does not exceed 256 characters, the difficulty of brute force attacks on brain wallets generated by non-standard character sets is directly increased several times.

This is good news for Chinese players. Although the number of commonly used Chinese characters is relatively low compared to the commonly used English vocabulary (mainland China has 2,500 characters, Hong Kong has 4,759 characters, and Taiwan has 4,808 characters. Source), the meaning that can be expressed when characters are combined into words is far greater than other languages ​​of the same length.

If the above sentence is not easy to understand, you may suddenly understand it after reading the following example:

1. The king is always lucky——Wanglaoji;

2. The king is kept justice——Wang Shouyi;

3. The king is lead to peace——Wang Zhihe;

4. The king from the sky - Wang Tianlai.

What does this mean? This means that Chinese can contain more information in the same length of input. Although many people may have difficulty repeatedly inputting the same long text of several hundred words, they usually have no problem inputting a dozen identical Chinese characters without error. And a brain wallet generated by a meaningful short sentence composed of ten Chinese characters may be more difficult to crack than one generated by ten English words.

Are a dozen Chinese characters difficult to construct? When I write this, I suddenly feel that "my thoughts are flowing like a spring, and my writing is like a diuretic." I think I was influenced by Chinese culture when I was young, so I can write Tang and Song poems easily. Let's see what I am saying!

"Once bitten by a snake, you will hear birds singing everywhere."

"The monkeys on both sides of the river kept crying, and a red apricot branch grew out of the wall."

"I wish to be a pair of wings in the sky, and fly away separately when disaster strikes."

"How much sorrow can one have? It's like a group of eunuchs going to a brothel."

"Red tender hands, yellow Teng wine, two orioles singing in the green willows. Outside the long pavilion, beside the ancient road, a line of egrets fly into the blue sky."

…

Of course, if you feel that you have run out of ideas and can't think of any good sentences, it's easy. Isn't it easy to just copy and paste a paragraph?

For example, Babbitt's webmaster Chang Qia commented on this article:

"It's interesting that the brain wallet is like fire. To apes, it's a dangerous toy, but to Homo sapiens, it's a wieldy tool."

The comment from CoinTech activist Chaochaojun is as follows:

“I didn’t really like brain wallets before, but this article gives a clear history of brain wallets, with arguments and historical data. The author also took action to continue the product of brain wallets. He is really a Bitcoin geek party. Thumbs up.”

As long as the above website is accessible and the comment has not been deleted, you can find these two original paragraphs and use them to generate a brain wallet.

Wait, shouldn’t brain wallets use phrases that can be found online? If you have such doubts, then congratulations, you have not forgotten the security rules mentioned at the beginning! Although the hidden secrets of Satoshi Nakamoto make us feel endlessly sad, the practice of trying to hide Bitcoin in a few words on the Internet is often not worth the effort. Nevertheless, the author intends to take this opportunity to try it out as a benefit for readers who have just read this article:

1. Among the brain wallet addresses generated by the content in each pair of double quotes above, three are not empty.

2. The URL to generate a brain wallet is: http://brainwallet.herokuapp.com/

3. Note that the phrase used when generating the brain wallet is the entire content in double quotes plus a half-width space. Therefore, the address generated by "Once bitten by a snake, you can hear birds singing everywhere." is not 13DuS9tSRuXtS13P11pJSFRq25VuDG33kT.

4. The Chinese characters of one color in one of the brain wallets were replaced with Chinese characters of another color.

5. There are some small traps, it depends on your character.

Students who have successfully found it, please take it away, leave a message and announce the correct answer~

Finally, it is worth mentioning in this section that there are potential risks in using an expanded character set: you may not be able to input non-English characters on an offline device (for example, some people may use a Live USB to boot an Ubuntu system without the default Chinese font installed), or different systems may have different support for UTF-8, causing differences in input on different machines, resulting in inconsistent generated addresses.

3. Obfuscate input content

If you don’t immediately look for the reward above but continue to read on, you are a Confucian scholar. Because for this kind of brain wallet that is clearly displayed, it is a taboo to use brain wallets. Cracking a brain wallet is actually a process of countering each move. Although the sentences recited above are mixed and matched rather than original, and other people’s comments can also be considered a random result, but after the rules are announced to the public like the above, it is equivalent to handing over the Bitcoin inside, although the author is indeed giving away Bitcoin:P

In order to generate a sufficiently secure brain wallet, it is essential to confuse its input content. And there are tens of millions of ways to confuse.

Add personal information

This includes but is not limited to your name, height, address, email address and other personal information. The advantage of this is that it is not difficult for you to input, but after adding this personal information to the input, most of the brain wallet attacks that do not target a specific person will fail. Because they do not have your personal information in their vocabulary, they cannot construct the same input.

For example, an example I once used was the serial number of an iPhone 4S phone. Perhaps the only people who knew this information were iTunes on my computer and my Gmail mailbox.

Encrypt the input

After confirming the input content, the input content is encrypted. There are many ways to do this, you can choose an existing encryption algorithm, make your own rules, or even just change the system settings.

For example, if you want to generate a brainwallet with “A brainwallet has two sides”, here are two examples of encryption conversion.

1. For each word with a length greater than 1, delete the last letter. That is, we get A brainwalle ha tw side , and the brain wallet generated by it is 12kXjcVD22FpQLmy9TYAr1fnUCMpeQMjXP

2. Switch to the Converter page, enter A brainwallet has two sides in the Source Text box, and set the text input to Poetry output. The result is waist easily grasp hunger grab taint slide walk gather slam church concrete world passion shimmer mostly heel house people dig form . Input it as a brain wallet and you get 1HQDUbP5YNZKvhJ4tCvq7t8FGbSb38snWG .

Both of the above methods process the original input once more. Compared with the former method, which is prone to errors when manually deleting letters, I personally prefer the latter. This is also the reason why I put Brainwallet.org back online. But this does not mean that the latter is necessarily safer than the former, because the algorithm of the latter is fixed and public, while the former is more of a spur-of-the-moment approach by users, but in some occasions it may have the effect of being better without any tricks.

At this point, if the reader can realize that he or she cannot remember the content entered in the brain wallet input box, your understanding of the brain wallet will be sublimated: you do not necessarily need to remember the last input content, you need to clearly remember how the content you entered was generated.

It is worth mentioning that the conversion using Converter does not increase the information entropy of the input. In the previous article, @ahr999 pointed this out. This is indeed the case. Simply executing the Hash function does not increase the information entropy, but for others, the user's choice of Hash algorithm will increase the information entropy because this requires the attacker to know the information of the generation method used by the attacked.

The concept of entropy and further discussion will be explained in the next article. If you haven't guessed the Easter egg above, you might as well give it a try. The time it took for everyone to crack the above brain wallet will serve as a reference for the next article.