Posts Tagged ‘triple-encrypted’

26
Jan

Secure and Backup Your Crypto Coins

by adminadam in articles

  • Secure and backup your cryptocurrency.

  • Create redundant encrypted local copies of your wallet.dat files.

  • Create a triple-encrypted, double-obfuscated volume containing all your crypto-wallets (using 7-Zip and TrueCrypt).

  • Securely upload, email, share, and place this volume on the cloud.

~ LA PRIMERA ETAPA ~

The first step is to secure your crypto-stash locally:

  1. Sync your wallet with the bitcoin-litecoin-dogecoin-whatevercoin network.
  2. Encrypt your wallet with a good, strong password, either 10+ random characters or 8+ random words. Ideally, you should use 14+ random characters, despite what the bitcoin-qt wallet shows you:

encrypt wallet
Now it is impossible for someone to pilfer your coins without some Mega-Serious Cracking Abilities (MSCA).

~ LA SEGUNDA ETAPA ~

Your wallet is secured, however, it must be backed-up in multiple (i.e. three or more) locations.

I save an extra wallet copy in a folder in My Documents, and another copy in another folder on my external hard-drive. I also occasionally backup my important folders and my whole system on a third hard-drive.

Typically you can find your original wallet location on your computer by typing the following into the Start Menu search area:

%APPDATA%

If you type this in exactly, it should show a folder called ‘Roaming’ in your start menu. Press ENTER and it will transport you to this typically-hidden folder. Inside you should see a number of folders containing application-data, including one titled Bitcoin, and perhaps others, Dogecoin, etc. if you have them installed.

When you enter the Bitcoin folder, you will see a number of things. One is ‘wallet.dat’. This small file contains your entire stash of coins, now protected if you’ve encrypted it in LA PRIMERA ETAPA.

Each time you want to duplicate and backup this ‘wallet.dat’ file, you should do the following:

  1. In your Bitcoin/Othercoin wallet program, choose ‘File > Backup Wallet’.
  2. NAME IT: Something indicating the Coin-type and the date would be good.
  3. CHOOSE A DESTINATION: Somewhere safe. Multiple media types are ideal: CD’s, USB’s, Hard-drives, Floppies, etc.

~ LA TERCERA ETAPA ~

Now your stash is encrypted and well backed-up — assuming you named and backed-up your wallet.dat file in 3+ places in a way and manner in which you will not lose or forget these files exist.

The next step is an added layer (or two) of extropy needed to protect your coins from totally ridiculous calamities, such as fires, floods, earthquakes, and nuclear bombs.

If your house burns down and your physical backup media are destroyed, you’ve also then lost your ‘wallet.dat’ backup files. Coins gone. Bummer, man!

This is where the cloud can be useful, however — CAVEAT EMPTOR — there is a smart way and a dumb way to do this. I will, of course, explain the smart way. (The dumb way would be to not add any additional protections… or to make the file public… or to advertise its existence to everyone.)

TWO DISTICT PROGRAMS will be explored here as means of adding two additional layers of protection to your entire stash (multiple wallets and coin types included). They are:

7-Zip — This compression program can also encrypt and password protect each of your ‘wallet.dat’ files while adding a layer of obfuscation which would prevent outside observers from viewing filenames contained within. (It encrypts the filenames, hiding transaction logs and address lists from view.)

TrueCrypt — This creates an encrypted, password-protected volume (think: folder) in which you can store each of your now-obfuscated, now-twice-encrypted ‘wallet.dat’ files.

Steps to follow using 7-Zip for each ‘wallet.dat’ file:

  1. Install 7-Zip.
  2. Right-click the first ‘wallet.dat’ file.
  3. Select 7-Zip in the menu, then click ‘Add to Archive’.
  4. In ‘Archive:’, change the name to something unrelated to wallets and coins and doges (oh, my!).
  5. In the ‘Add to Archive’ window, first check that ‘Archive format:’ shows ‘7z’.
  6. Ensure that ‘Encryption method:’ shows ‘AES-256’.
  7. Check the box for ‘Encrypt file names’.
  8. Create a strong password that is different from the one used to encrypt the ‘wallet.dat’ file intially. Again, ideally 14+ random characters or 8+ random words. (As with all steps in this process, you’re screwed if you forget or lose this password.)
  9. Press OK when your password is in.

You should now have an obfuscated, double-secured ‘wallet.dat’ file. Unless you tell someone (or give someone your password), at this point no one will be able to know what-the-crap this archive is, much less gain access to it, absent, again, Mega-Serious Cracking Abilities (MSCA).

Once you have 7-Zipped all your ‘wallet.dat’ files for all your coins, proceed to the TrueCrypt phase…

Steps to follow with TrueCrypt for your collection of Wallet Archives:

  1. Install TrueCrypt.
  2. Open TrueCrypt.
  3. Select ‘Create Volume’.
  4. Ensure ‘Create an encrypted file container’ is selected, and press NEXT.
  5. Here we have an option to create a ‘Standard’ or a ‘Hidden’ TrueCrypt volume. For now, we will simply create a ‘Standard’ volume (Hit NEXT). Later I will detail the steps necessary to create a Hidden volume, which is particularly useful if you believe you may be forced to reveal your password to someone under duress at some point in the future. For now, we’ll just assume a hidden volume isn’t necessary because A) you “don’t have that much money”, and B) you “surely haven’t advertised that you have this special TrueCrypt volume with a bunch of crypto-money in it”.
  6. Choose ‘Select File…’ and browse to a location where you would like to create your TrueCrypt volume, the Desktop, let’s say. We are merely creating a container right now.
  7. After browsing to your chosen location, come up with something inane to name your TrueCrypt container. “photos from joey”, or something to that effect. Type that name into the ‘File name:’ field and hit SAVE.
  8. Hit NEXT.
  9. The next screen allows us to select our encryption and hashing algorithms. For first-timers, the default options AES and RIPEMD-160 are recommended. Hit NEXT.
  10. Next we’ll choose a size for this volume we’re creating. Let’s see, what’s a good size for a spoofed folder full of pictures from Joey? How about 14MB? Should be plenty. The wallet.dat archives are only around 40KB each. Type in an amount ranging from 5 to 20MB. Hit NEXT.
  11. Now we’ll choose a final password. TrueCrypt recommends a 20+ character password, with no easily-guessable whole words. Type in and then re-enter your chosen password. BEFORE YOU HIT NEXT, read about Generating Entropy:

    In the next screen, TrueCrypt will ask you to ‘move your mouse around randomly’ for at least 30 seconds. The reason it is doing this is to collect random data — from your mouse movements — with which to scramble and improve the encryption of your TrueCrypt volume. Be ready to move your mouse around randomly for 30 to 90 seconds before you hit NEXT.

  12. Hit NEXT and begin moving your mouse around randomly. (The VOLUME FORMAT screen should be displayed now). Continue to move your mouse around for at least 30 seconds. After you are either content or tired of moving your mouse around for no apparent reason, click FORMAT. No need to edit any options here.
  13. After you hit FORMAT, wait for your volume to be created. NOTE: This may take a while if you chose a large volume size. When it has finished, it will show a dialog box indicating that “The TrueCrypt volume has been successfully created.” Hit OK.
  14. In the next screen, “Volume Created”, hit EXIT.
  15. Next we will browse to our TrueCrypt volume and mount it from the main TrueCrypt window. (NOTE: If you don’t have the main TrueCrypt window open any more, simply re-open TrueCrypt from the Start Menu.) From within the main window, select an available drive. If you have dozens of hard-drives or CD drives in your computer, you’ll have to choose from amongst the later drive letters in the alphabet. I’m choosing ‘M:’ for “Mega Serious”.
  16. Click ‘Select File…’ after choosing your drive letter.
  17. Browse to and select your inanely-named TrueCrypt Volume, ‘photos from joey’ — or whatever it is you called it. Hit OPEN.
  18. In the main TrueCrypt window, hit MOUNT.
  19. Enter your password and hit OK.
  20. If you have successfully mounted your volume, the name, size, encryption algorithm, and type will show up in the main TrueCrypt window next to the drive letter onto which you chose to mount it. You can now open the volume as you would any other drive or folder. Either double-click on the volume name from within the TrueCrypt window, or browse to your list of Hard Disk Drives in Computer and double-click on ‘Local Disk (M:)’. REMEMBER: You may have chosen a different drive letter than me. ;-)
  21. Now we may proceed to the final step of our Cryptocoin Backup Process…

~ LA CUARTA ETAPA ~

This stage is significantly easier than stage three.

  1. Now that you have your TrueCrypt volume created, encrypted, and opened, simply copy and paste (or drag-and-drop) your 7-Zipped ‘wallet.dat’ files into it. Once they are copied into this volume, you can consider them safe. Once you restart or shutdown your computer, even if the power just goes out, your files are encrypted and safe. You can also choose to DISMOUNT your volume from within the TrueCrypt window and EXIT now.

Next time you want to access your files now, remember you will have to:

  1. Open TrueCrypt.
  2. Select File…
  3. Select the volume and click OPEN.
  4. Hit MOUNT.
  5. Enter your password; hit OK.
  6. Double-click on the volume once it is mounted.
  7. Right click on the wallet file you want to open. Choose ‘Open Archive’ with 7-Zip.
  8. Enter the 7-Zip Archive password.
  9. You now have access to your coin wallet again. (REMEMBER: You also encrypted this file. Good on you!)

~ LA QUINTA ETAPA ~

The final stage.

Share/upload/distribute your triple-encrypted, double-obfuscated TrueCrypt Multi-Wallet Backup System Volume (just one single file now) to a few trusted friends or locations.

You can now safely store this file in your email account, your dropbox, on your smartphone, on a friend’s hard-drive, and so on. The sky’s the limit!

~ LA EXTRA ETAPA: Can you Grok it? ~

I personally can’t grok any more today. I intended to add a section on creating a special hidden volume with TrueCrypt in which to place our ‘wallet.dat’ files. For now I’m quite content with this beginner’s guide. Please see: http://www.truecrypt.org/docs/hidden-volume to read up on Hidden Volumes and try it yourself if you feel so inclined. I may choose to update this guide in the future with a Hidden Volumes tutorial section. We’ll see.

~ LOS RECURSOS QUE UTILICÉ PARA ESCRIBIR ESTA GUÍA ~

(1) http://www.bitcoincreator.com/bitcoin-wallet/how-to-backup-bitcoin-wallets/
(2) http://www.nextofwindows.com/using-7-zip-to-compress-and-encrypt-your-files-and-folders/
(3) http://www.truecrypt.org/docs/tutorial
(4) http://www.7-zip.org/
(5) http://www.truecrypt.org/