Brain Wallets Are Not Secure and ‘No One Should Use Them,’ Says Study
The so-called “brain wallets” have always been a topic of heavy debate in the Bitcoin world, as this solution to store funds is far from secure. Memorizing passwords is hard enough for people, but there are bigger worries with brain wallets than most people anticipate, according to a new study. Also read: Ethereum’s Blockchain ‘Makes […]
The so-called “brain wallets” have always been a topic of heavy debate in the Bitcoin world, as this solution to store funds is far from secure. Memorizing passwords is hard enough for people, but there are bigger worries with brain wallets than most people anticipate, according to a new study.
Brain Wallets Are Inherently Insecure
Despite the idea of a brain wallet using cryptography to add an additional layer of protection to a Bitcoin address, the concept is rather flawed. In the end, it all comes down to the individual user choosing a strong password, which is then encrypted, allowing for users to store their brain wallet on the blockchain in an unencrypted fashion.
However, if the chosen password by the user is too weak to pose a challenge to brute forcing methods, there is no additional security to speak of. While it is impossible to tamper with the blockchain itself — where these brain wallets are stored unencrypted — it does not provide a countermeasure for lackluster consumer security precautions.
The starting point of any password-based protection layer is critical in creating a brain wallet, especially for Bitcoin users. Granted, this password has to be easy enough to remember or recover, which makes consumers favor a string of characters or words they have used somewhere else before. It is this type of lackluster precaution that makes brain wallets inherently insecure, as the foundation for the password is far too weak.
Most tools used to create a brain wallet will accept any password — either one word or a sentence — and encrypt this input with the SHA-256 hashing algorithm. This same cryptographic algorithm is used by Bitcoin itself, as it cannot be reverse engineered to find the original input. But at the same time, SHA-256 encryption is relatively cheap regarding the computer power required to crack it. This allows anyone in the world with some time to encrypt random pieces of text and test them against all of the brain wallets stored in the Bitcoin blockchain.
From Bad to Worse
To make matters even worse, a new paper from Nicolas Courtois (et. al.) at the University College London shows how it has become far more efficient to mix and match brain wallet keys. To put this into perspective, anyone can test close to 18 billion brain wallet password combinations using Amazon Web Services’ EC2 for the price of US$1.
While most of the problem can be attributed to consumers using very weak passwords, the services used to convert passwords from plain text to SHA-256 are to blame as well. By failing to keep up with the evolution of cryptography, a lot of these platforms are providing sub-par security standards. Not all of these websites use a salt, which would provide an additional layer of security to brain wallet users.
That being said, the platforms which do offer this additional security layer of using a salt, are allowing users to skip this measure if they want to. Making this extra small step mandatory would be a good step in the right direction, although that would still not fix the issue of users entering fragile base passwords. “For example we are able to examine passwords in brain wallets 2.5 times faster than the state of the art implementation presented at DEF CON 2 months ago,” an excerpt from the paper reads. It adds:
We have been able to crack thousands of passwords including some quite difficult ones. Our research demonstrates again that brain wallets are not secure and no one should use them.
Even though one might argue the number of brain wallets stored on the Bitcoin blockchain is fairly low — 884 were discovered according to the paper — that number is still alarming. Especially when keeping in mind how all but 21 of these brain wallets were drained of funds over time, most of them within minutes of being recorded on the blockchain.
When everything’s said and done, it comes down to this: using simple passwords is never the solution, regardless of how they are hashed or encrypted. To give brain wallet users an example of how easy it is to match their insecure passwords, tools like BrainFlayer let users quickly hash text and test it against brain wallets encryption keys.
What are your thoughts on using a brain wallet in general? Let us know in the comments below!
Images courtesy of Shutterstock, Trojan, Ether Camp