Jump to content

Secure Cold Wallet Creation


teddybear
 Share

Recommended Posts

On 9/7/2017 at 7:18 PM, Mercury said:

Awesome

 

@Mercury Hi mate. As promised. I also have it as pdf :

https://www.scribd.com/document/358429157/Offline-Wallet-How-To

 

A BIG THANK YOU goes to @Xilobyte for showing me all this.

Btw, he has a great pdf on the process, too. (https://xilobyte.com/media/Securing_Your_Crypto_Wallet.pdf )

This here is the version for the less technically inclined, written by @teddybear

What you need:

a)      3 USB Sticks (hereafter referred to as No 1, No 2 and No 3)

b       A spare laptop (can be old, mine is from 2012)

c)      A pen, some business cards, transparent scotch tape

d)      1h of effective work time

e)      24h of setup time

f)       Imagination

g)      Nerves

h)      A criminal mind

Let’s get started:

1.      If you have a spare laptop, nuke the hard drive with DBAN.:

a)      Download DBAN from https://dban.org/ (download-buttom on top right)

b        You’ll get an .iso file

c)      Burn the iso file on a USB Stick (No. 1). Download this software: http://www.isotousb.com/

d)      Install the isotousb software and burn the iso on the USB. Make sure to urn with FAT32 (and make sure your stick is FAT32 formatted. If not you can format it with a right click on the USB itself from “my computer”

e)      Now that you have a stick with DBAN on it, put it in the turned-off laptop, turn it on and press repeatedly F2 (or whatever launches BIOS) and chose to mount the system from your USB stick and not from the hard drive.

f)       Once, DBAN is running, just type autonuke and let it run. It will overwrite and delete and overwrite three times in a row all of your hard disk. As a reference it took 24h for my laptop with 750 GB Hard Drive. ATTENTION: DO NOT DO THIS IF YOU HAVE AN SSD CARD, ONLY WITH A HDD. I HAVE NO SOLUTION FOR AN SDD AT HAND, SINCE I DID NOT BOTHER

g)      Congrats, you have an empty machine in front of you

 

2.      Install Linux on it

a)      Get Ubuntu 16.04.3 LTS here: https://www.ubuntu.com/download/desktop

b        Put all the bars to the left to not pay and download the iso file

c)      Format the DBAN Stick again on your online PC, one time fast, one time slow and one time fast, then burn the Ubuntu .iso on it with the isotousb software.

d)      Plug the Stick into your Laptop and install Ubuntu

e)      Opt for the Encryption of your Hard Drive. Chose a strong PW

3.      Congrats you have an Linux PC, which will serve you as your access to your precious Ripples

4.      Never ever connect that PC to a Wifi or any other internet, never connect any printer to it

5.      Get the Rippex software for Linux from your online computer on a stick

a)      Download it here: https://rippex.net/carteira-ripple.php#/

b        Put the whole folder on the USB Stick

c)      Get paranoid: Turn of the Internet, plug off the Lan-cable, plug the Internet box out of the wall and unplug the box from electricity. Lock your doors and your windows, turn off your phone (no distraction). Turn on this in full blast mode: https://www.youtube.com/watch?v=QWg8JAQ9cQ4

d)      Plug the USB Stick into your offline PC. If you can’t run the .sh file in Ubuntu, right click on the file. Go to Properties then to the Permissions Tab. Click the check box that says Execute.

 

6.      Create a wallet that offline laptop

a)      Just in case, in Setting, untick the “online” box

b       Write down the secret key by hand on a piece of paper.

c)      Take your time, write it in nice handwriting, I suggest you write it on the back of a business card.

d)      Don't print it out, neither screenshot, nor CTRL+P nor anything. Old school pen and paper.

e)      Delete the wallet.dat file and recover it by using the secret key. If it works, you know that you wrote down the key correctly.

f)       Take a that piece of paper and wrap it in transparent scotch paper, so that potential contact with water won't destroy it. Wrap it well. Keep this somewhere safe

g)      Chose a strong password for your wallet access. You can play around a bit here: http://www.passfault.com/ hint: the longer the better. "I'm a badass mofo and I like eating my chocolate" is better than "=%*)bdpERq/$IO6" and it's easier to remember.

h)      Use a new USB Stick (No 2) and put thewallet.dat file on it. Store the Stick somewhere safe.

i)        Never plug this stick into your offline computer

 

7.      Write down the public address

8.      Turn on your online computer to the internet

9.      Send 30 XRP (20 to activate, 10 to send back for confirmation) to this address from the exchange.

10.  Go to bithomp.com to check if the XRP are on the blockchain.

11.  Log into Rippex on your offline laptop, chose "send" and send 10 XRP back to your exchange. It will create a txt file. Save that txt file.

12.  Plug in USB Stick No 3, it will be your Transporter Stick and you will only use it to transport these .txt files

13.  Take the Transporter Stick out of the offline PC, plug it into the online PC, open the Rippex software, make sure that here you are “online” in the Settings tab, then in "Submit Txn" drag and drop the file from the stick into the field and hit "submit"

14.  If this works, then you know all is set up and you can make the big transfer from the exchange to your cold wallet.

15.  Keep the offline PC safe, Keep the stick with the wallet file safe, KEEP THE SECRET KEY SAFE

This method allows you to do any transfer without ever exposing your secret key to the internet. The only way to steal your XRP is to either have your secret key, or to steal physically your laptop, crack it and then crack the wallet file. You can always check your balance on bithomp.com

Edited by teddybear
Link to comment
Share on other sites

Hmm ok, I did not have any @teddybear for breakfast today :D Just kidding.  I would improve a few points.

1.  

Quote

Chose a strong password for your wallet access. You can play around a bit here: http://www.passfault.com/ hint: the longer the better. "I'm a badass mofo and I like eating my chocolate" is better than "=%*)bdpERq/$IO6" and it's easier to remember.

Baaaaad. The only reason it is bad is because Mr TeddyBear is a nice guy. The easy to remember "badass" sentence can be guess with a dictionary attack in a few minutes to one day. In that example I do not have to run every single letter in the ISO-8859-1 table to figure you out. Actually the second one is better. It will take at least 10 years to brute force that one. You must remember to make EVERYTHING not human. Easy for human, then easier for computer.

2.  The 2nd USB is only meant to be a backup device. In this case he only did it because of muscle memory. But technically if the Secret Key functioned when tested, he does not even need it. That will narrow my attack vector even more.

3. The third USB is REQUIRED. For his use, he is using it to create offline transactions on the Hot PC and take the unsigned transaction to the Cold PC to be properly signed. So when he takes the Signed transaction back to the Hot PC, he can transmit it. That is the Good Security part.  Good job @teddybear arguments can be made with the "You transmit a virus to the Cold PC via the USB. I say "so what." The cold PC has no connection to the world therefore a virus is useless on that PC. A virus which lives on the memory of the USB which hunts for Secret Keys, does not exist yet. And when it does, all of those fancy USB wallets will become garbage. So this method is the safest. 

4. The only thing I would add is to step 4. It is ok at this moment to connect that computer to the internet and download the wallet software needed, and do your system upgrades. You will actually need a good anitvirus software also, just to scan the USB stick when inserted. It will also intercept any recording viruses when the Signed transaction is created. The point when that computer is COLD is before your create a wallet on it. The whole point of a Cold PC is to protect the accidental transmission of the Secret Keys.

NOW lets eat some bear for breakfast. If I was a teacher in your classrooms, I would tell you all this. Mr @teddybear knew not one thing about any of this 1 month ago. I gave him a few hints here and there, but primarily he has brought himself up to instruction capabilities because of good research on this forum and his own Googling to find what he needed. Given his example, there is not one human on here that should ever be left unsecure or even desire to store crypto on any other computer. There is plenty enough info here and out there to know what your risks are and how to avoid them. Mr TeddyBear is a perfect example to follow. Good job. SO for any of your newbies out there, reading this article or any other, identify your question first and then go research it yourself. Do it yourself not because we are too smart to answer you, but because if you muscle through it yourself instead of being told step by step how to do it, then you will understand your security and your risks far more than anyone can tell you. (but go ahead and as anyway because it is entertaining)

Link to comment
Share on other sites

3 hours ago, Xilobyte said:

Hmm ok, I did not have any @teddybear for breakfast today :D Just kidding.  I would improve a few points.

1.  

Baaaaad. The only reason it is bad is because Mr TeddyBear is a nice guy. The easy to remember "badass" sentence can be guess with a dictionary attack in a few minutes to one day. In that example I do not have to run every single letter in the ISO-8859-1 table to figure you out. Actually the second one is better. It will take at least 10 years to brute force that one. You must remember to make EVERYTHING not human. Easy for human, then easier for computer.

2.  The 2nd USB is only meant to be a backup device. In this case he only did it because of muscle memory. But technically if the Secret Key functioned when tested, he does not even need it. That will narrow my attack vector even more.

3. The third USB is REQUIRED. For his use, he is using it to create offline transactions on the Hot PC and take the unsigned transaction to the Cold PC to be properly signed. So when he takes the Signed transaction back to the Hot PC, he can transmit it. That is the Good Security part.  Good job @teddybear arguments can be made with the "You transmit a virus to the Cold PC via the USB. I say "so what." The cold PC has no connection to the world therefore a virus is useless on that PC. A virus which lives on the memory of the USB which hunts for Secret Keys, does not exist yet. And when it does, all of those fancy USB wallets will become garbage. So this method is the safest. 

4. The only thing I would add is to step 4. It is ok at this moment to connect that computer to the internet and download the wallet software needed, and do your system upgrades. You will actually need a good anitvirus software also, just to scan the USB stick when inserted. It will also intercept any recording viruses when the Signed transaction is created. The point when that computer is COLD is before your create a wallet on it. The whole point of a Cold PC is to protect the accidental transmission of the Secret Keys.

NOW lets eat some bear for breakfast. If I was a teacher in your classrooms, I would tell you all this. Mr @teddybear knew not one thing about any of this 1 month ago. I gave him a few hints here and there, but primarily he has brought himself up to instruction capabilities because of good research on this forum and his own Googling to find what he needed. Given his example, there is not one human on here that should ever be left unsecure or even desire to store crypto on any other computer. There is plenty enough info here and out there to know what your risks are and how to avoid them. Mr TeddyBear is a perfect example to follow. Good job. SO for any of your newbies out there, reading this article or any other, identify your question first and then go research it yourself. Do it yourself not because we are too smart to answer you, but because if you muscle through it yourself instead of being told step by step how to do it, then you will understand your security and your risks far more than anyone can tell you. (but go ahead and as anyway because it is entertaining)

Thanks for the encouraging words @Xilobyte.

You are right. it takes two to tango. You showing the newbies like me and us newbies doing some research on our own.

Or, as the Chinese saying goes: "When the student is ready, the master shows up."

Cheers :)

Link to comment
Share on other sites

3 hours ago, Xilobyte said:

Hmm ok, I did not have any @teddybear for breakfast today :D Just kidding.  I would improve a few points.

1.  

Baaaaad. The only reason it is bad is because Mr TeddyBear is a nice guy. The easy to remember "badass" sentence can be guess with a dictionary attack in a few minutes to one day. In that example I do not have to run every single letter in the ISO-8859-1 table to figure you out. Actually the second one is better. It will take at least 10 years to brute force that one. You must remember to make EVERYTHING not human. Easy for human, then easier for computer.

2.  The 2nd USB is only meant to be a backup device. In this case he only did it because of muscle memory. But technically if the Secret Key functioned when tested, he does not even need it. That will narrow my attack vector even more.

3. The third USB is REQUIRED. For his use, he is using it to create offline transactions on the Hot PC and take the unsigned transaction to the Cold PC to be properly signed. So when he takes the Signed transaction back to the Hot PC, he can transmit it. That is the Good Security part.  Good job @teddybear arguments can be made with the "You transmit a virus to the Cold PC via the USB. I say "so what." The cold PC has no connection to the world therefore a virus is useless on that PC. A virus which lives on the memory of the USB which hunts for Secret Keys, does not exist yet. And when it does, all of those fancy USB wallets will become garbage. So this method is the safest. 

4. The only thing I would add is to step 4. It is ok at this moment to connect that computer to the internet and download the wallet software needed, and do your system upgrades. You will actually need a good anitvirus software also, just to scan the USB stick when inserted. It will also intercept any recording viruses when the Signed transaction is created. The point when that computer is COLD is before your create a wallet on it. The whole point of a Cold PC is to protect the accidental transmission of the Secret Keys.

NOW lets eat some bear for breakfast. If I was a teacher in your classrooms, I would tell you all this. Mr @teddybear knew not one thing about any of this 1 month ago. I gave him a few hints here and there, but primarily he has brought himself up to instruction capabilities because of good research on this forum and his own Googling to find what he needed. Given his example, there is not one human on here that should ever be left unsecure or even desire to store crypto on any other computer. There is plenty enough info here and out there to know what your risks are and how to avoid them. Mr TeddyBear is a perfect example to follow. Good job. SO for any of your newbies out there, reading this article or any other, identify your question first and then go research it yourself. Do it yourself not because we are too smart to answer you, but because if you muscle through it yourself instead of being told step by step how to do it, then you will understand your security and your risks far more than anyone can tell you. (but go ahead and as anyway because it is entertaining)

Actually I thought of editing the above post, but you know what? I won't.

Two reasons:

1. I'm not in the mood and frankly I'm too lazy.

2. It's valuable to see that this is not a set-in stone topic, but an ongoing discussion and this thread and your inputs are a nice example of the vivid nature of the learning curve. If anyone reads my whole post, then he/she will make it to your comments, too.

 

P.S.: You do have to explain how you came up with eating a Teddybear for breakfast :)

Link to comment
Share on other sites

3 hours ago, Xilobyte said:

3. The third USB is REQUIRED. For his use, he is using it to create offline transactions on the Hot PC and take the unsigned transaction to the Cold PC to be properly signed. So when he takes the Signed transaction back to the Hot PC, he can transmit it. That is the Good Security part.  Good job @teddybear arguments can be made with the "You transmit a virus to the Cold PC via the USB. I say "so what." The cold PC has no connection to the world therefore a virus is useless on that PC. A virus which lives on the memory of the USB which hunts for Secret Keys, does not exist yet. And when it does, all of those fancy USB wallets will become garbage. So this method is the safest.

Isn't the offline transaction "created" (and signed) on the offline PC and then taken to the hot PC to be thrown into the Network, aka registered in the Blockchain?

Maybe you said just that and I'm confusing things.

Link to comment
Share on other sites

4 hours ago, Xilobyte said:

1.  

Quote

Chose a strong password for your wallet access. You can play around a bit here: http://www.passfault.com/ hint: the longer the better. "I'm a badass mofo and I like eating my chocolate" is better than "=%*)bdpERq/$IO6" and it's easier to remember.

Baaaaad. The only reason it is bad is because Mr TeddyBear is a nice guy. The easy to remember "badass" sentence can be guess with a dictionary attack in a few minutes to one day. In that example I do not have to run every single letter in the ISO-8859-1 table to figure you out. Actually the second one is better. It will take at least 10 years to brute force that one. You must remember to make EVERYTHING not human. Easy for human, then easier for computer.

According to passfault.com the sentence would take 636971825171662200 centuries to crack with a $500'000 Government cracker

The =%*)bdpERq/$IO6 one would take 4 years and 7 months with the same cracker...

Now, how far is passfault.com a good source? I mean, sure you can run it through a dictionary, but the length compensates for it.

I would always go for a sentence, but just not in English. One could take a local saying and write it in Dialect:

"Chasch nöd s Föifi und s Weggli ha" ("you can't have it all") is a Swiss saying and since this is the transcription of the local (cantonal) dialect, any dictionary can go screw itself. Even in Switzerland, depending where you are it would be written differently. And there is no Swiss dictionary. Now imagine you take, say a Chinese saying and write it in phonetics and add separators between the words like " ?a! blablabla ?b! blibliblibli ?c! blublublu ?d! blebleble".  What you have to remembr is the saying, the way you write it and the separator sequence. You quickly end up with 40/50+ symbols.

What do you think?

Link to comment
Share on other sites

4 hours ago, Xilobyte said:

3. The third USB is REQUIRED. For his use, he is using it to create offline transactions on the Hot PC and take the unsigned transaction to the Cold PC to be properly signed. So when he takes the Signed transaction back to the Hot PC, he can transmit it. That is the Good Security part.  Good job @teddybear arguments can be made with the "You transmit a virus to the Cold PC via the USB. I say "so what." The cold PC has no connection to the world therefore a virus is useless on that PC. A virus which lives on the memory of the USB which hunts for Secret Keys, does not exist yet. And when it does, all of those fancy USB wallets will become garbage. So this method is the safest. 

Well. if I was really to go FULL PARANOIA I'd buy 10 usb sticks for 1$ each, and use them one time only. I don't trade and I just store. So whenever I will have to make a transaction out, I can consider 1$ as transaction cost.

I'd simply just use the stick once, in it's "fresh from the factory mode", plug it into the cold PC, create the transaction text file, submit it into the network via the hot PC and never plug that stick into to the cold PC again, since I might have caught a virus on it from the hot PC. Burn the stick.

@Tinyaccount this kind of refers to your question, too, right?

Edited by teddybear
Link to comment
Share on other sites

2 hours ago, teddybear said:

Thanks for the encouraging words @Xilobyte.

You are right. it takes two to tango. You showing the newbies like me and us newbies doing some research on our own.

Or, as the Chinese saying goes: "When the student is ready, the master shows up."

Cheers :)

Ummm no, I think that was Yoda... :lol:

Link to comment
Share on other sites

8 hours ago, teddybear said:

According to passfault.com the sentence would take 636971825171662200 centuries to crack with a $500'000 Government cracker

The =%*)bdpERq/$IO6 one would take 4 years and 7 months with the same cracker...

Now, how far is passfault.com a good source? I mean, sure you can run it through a dictionary, but the length compensates for it.

I would always go for a sentence, but just not in English. One could take a local saying and write it in Dialect:

"Chasch nöd s Föifi und s Weggli ha" ("you can't have it all") is a Swiss saying and since this is the transcription of the local (cantonal) dialect, any dictionary can go screw itself. Even in Switzerland, depending where you are it would be written differently. And there is no Swiss dictionary. Now imagine you take, say a Chinese saying and write it in phonetics and add separators between the words like " ?a! blablabla ?b! blibliblibli ?c! blublublu ?d! blebleble".  What you have to remembr is the saying, the way you write it and the separator sequence. You quickly end up with 40/50+ symbols.

What do you think?

All that matters is that the words are not in any dictionary. For true Military grade security, you change every 30 days. None of it reeeally matters if Secret is easy though

Edited by Xilobyte
Link to comment
Share on other sites

3 hours ago, darnoc said:

If you have a brand new, name brand hard drive in a computer with a brand new install of ubuntu is the DBAN step necessary on an air gapped machine? @teddybear Thanks for taking the time to write this up!

I'd say no, since the device is coming from the factory. I mean... I nuked it because I was pisssed at the machine. As @Xilobyte says, you can start being offline once you downloaded the Ubuntu and did all software updates. I went a bit over the top by importing Linux on a Stick.

Happy to be corrected, but all in all I'd say the DBAN step is not necessary if it's a fresh device.

 

Oh, thank you for your support. Much appreciated.

Link to comment
Share on other sites

I'd be interested in setting this up on a Raspberry Pi actually. I'm sure one can put Ubuntu on it. That's an easy to hide full PC. But then again, if the physical "safe space" is big enough, then one could buy a very small laptop and hide this one instead. No need for the drama with the screen and the keyboard for the Raspberry. Oh well... there are touchscreen version for it, too... endless opportunities it seems.

Link to comment
Share on other sites

1 hour ago, teddybear said:

I'd be interested in setting this up on a Raspberry Pi actually. I'm sure one can put Ubuntu on it. That's an easy to hide full PC. But then again, if the physical "safe space" is big enough, then one could buy a very small laptop and hide this one instead. No need for the drama with the screen and the keyboard for the Raspberry. Oh well... there are touchscreen version for it, too... endless opportunities it seems.

Ubuntu Mate will work on a RPi but only for XRP. I have not been successful with other wallet software for coins like BTC. DBAN is really only menat for older pcs that have been used for a time. It is also only menat for the hard drive so a fresh HD means no DBAN required.

@teddybear was still not wrong though as for a manufacture HD you just want to be sure. So not paranoid or anything.

Edited by Xilobyte
Link to comment
Share on other sites

7 hours ago, teddybear said:

I'd be interested in setting this up on a Raspberry Pi actually. I'm sure one can put Ubuntu on it. That's an easy to hide full PC. But then again, if the physical "safe space" is big enough, then one could buy a very small laptop and hide this one instead. No need for the drama with the screen and the keyboard for the Raspberry. Oh well... there are touchscreen version for it, too... endless opportunities it seems.

I managed to do it on the PI, in part thanks to this post and @Xilobyte follow up

The hassle of dragging out monitor and other peripherals to check out the small amounts I had was a pain though. I have yet to try a live distro setup, but that is next on my list. Any success with Tails @Xilobyte?

Another simple way to protect your hordes of XRP, if your so lucky to have a horde, is to split up the amount over a few wallets. In the case of someone managing to steal access to one, forgotten passwords, weird code failure or something you don't lose it all.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.