# The Bitcoin malleability attack graphed hour by hour

• The Bitcoin malleability attack graphed hour by hour
• python - Password Strength Detector - Code Review Stack ...
• cryptography - XKCD #936: Short complex password, or long ...
• Calculating entropy within xkcd 936: Password Strength ...
##### How DPR might spend his millions from inside of prison

I spent some time thinking about how DPR might spend his millions from behind bars. Here's what I came up with. Can you do better?
Imagine that DPR is in prison and he's got 80 million dollars worth of BTC in a brainwallet. For example, all stored with the passphrase "correct horse battery staple" (c.h.b.s for short). The Feds want that money and they're definitely not going to let him send it to anyone so they're not letting him use a computer, especially not one connected to the internet.
If he had access to a computer, he could write a transaction from behind bars and pass it on a piece of paper to someone on the outside. But he doesn't. And if he did, that computer would have a keylogger.
His next alternative is to write c.h.b.s on a piece of paper and pass that to someone. But he'd then be trusting all his 80 million to one person. That's not safe, either.
Assuming some planning, maybe he divided up his money into tens of thousands of bitcoin addresses, each one with, say, 20BTC. Now he can give out private keys as needed, written down, and spend money in increments of 20BTC.
The problem with that is that he has to memorize thousands of passphrases. One option, he could use:
• "c.h.b.s 1"
• "c.h.b.s 2"
• "c.h.b.s 3"
• ...
but someone would catch on to the pattern and take all his money.
In prison he might have books. Instead of numbers, he could use the first letter of words in a line from a book, like Romeo and Juliet. Like this:
• "c.h.b.s Thbaid" (Two households, both alike in dignity,)
• "c.h.b.s IfVwwlos" (In fair Verona, where we lay our scene,)
• "c.h.b.s Fagbtnm" (From ancient grudge break to new mutiny,)
Harder to crack but it's just obfuscation. If someone figures out the book, he's screwed.
Ideally, he would have a hash function that could be computed with innocent things that you'd find in a prison: a deck of cards, a book, maybe a calculator. Bruce Schneier invented a cryptographic algorithm that uses a deck of cards. If you had a good hash function that you could do mechanically, you could use those outputs at http://brainwallet.org:
• Hash("c.h.b.s 1") -> 0101010100101... (many, many bits)
• Hash("c.h.b.s 2") -> 1010101110100... (etc)
A deck of cards is surprisingly strong. The order of a random deck of cards is about 200bits of entropy, even more than a 160bit bitcoin hash, so a deck of cards could be useful.
That's as far as I got. Any better ideas? How do you store 10,000 brainwallets in your brain without using a computer? Or make transactions without a computer?
random correct horse battery staple bug tin hat. For 4 word sequences I would need to find: random correct horse battery. correct horse battery staple. horse battery staple bug. battery staple bug tin. staple bug tin hat. So all word sequences in the supplied string (and any sequence that is between n and m words long). I tried creating some ... For correct horse battery staple the reasoning is that each of the four words is drawn from a dictionary of size $2^{11}$ which means $4\times 11=44$ bits of entropy. In both cases it can be assumed that the attacker knows the possible choices influencing the entropy estimation and that it's actually a uniformly random decision which word / pick is done. If you want an even more thorough ... \$\begingroup\$ "correct horse battery staple is a very strong password." ... If you have a naive entropy calculator that doesn't account for passphrases, that's equal to an entropy a 3 followed by 49 zeroes. However, all the words start with the same letter a. there are only about 13,000 words that start with the letter a in English, and there are only 5 words. By the same entropy math, that ... Using your own variant on “correct horse battery staple” for multiple accounts is also a bad idea, from a security and privacy perspective. A single compromised account could leak all the passwords to your email, Bitcoin exchange, and other sensitive accounts. Trying to memorize a different password for tens or even hundreds of accounts is ... If you don't know the method, then "correct horse battery staple" looks like 216 symbols from a 2-symbol alphabet: in other words, 216 bits. If you know that it's four English words (and know XKCD's wordlist), then it looks like 4 symbols from a 2048-symbol alphabet. 2048^4 is big, but it's smaller than 2^216, which is how many bytes of entropy a truly random bit string of that length would ...