CONTROLLING YOUR PRIVATE KEY — A GUIDE
“You don’t own your Bitcoins if you don’t own your Private Key”
Let’s begin with what ‘Andreas M Antonopoulos’(Greek-British bitcoin advocate) says:
“Revealing your private key to third parties is equivalent to giving them control over the bitcoins secured by that key. So your private key should always be secure. The private key must also be backed up and protected from accidental loss because if it’s lost it cannot be recovered and the funds secured by it are lost too.”
This brings out the importance of private key in keeping bitcoins secure.
Let us understand what a private key is. A private key is a secret number that allows us to spend bitcoins. The private keys are mathematically related to all bitcoin addresses generated for that wallet.
Private Key allows you to sign your transactions proving that you are in ownership of these coins.
Let’s say, for example, a public key is like the E-mail address that allows people to send you messages. Private key is like your password that you require to unlock and read the messages. If someone knows your password, then it’s dangerous because they get access to your messages.
someone who has the private key gives them full access to the coins and that’s something that you should never do.
These digital keys are not stored on the bitcoin network but are created and stored in the wallet. A wallet stores these keys. There are different types of wallets that allow the private keys to be stored and guarded by the user.
They are primarily of 2 types; hot and cold wallets.
HOT Wallets:
A hot wallet refers to a bitcoin wallet that is online and connected in some way to the internet. It refers to keeping bitcoins in an exchange where they can be withdrawn on demand.
COLD Wallets:
A cold wallet in the context of bitcoins refers to keeping a reserve of bitcoins offline. They are not present on the web server or any other computer.
The following are examples of a few hot and cold wallets:
1. Web and Mobile Wallets:
Your private keys are stored on their servers. Only you can decrypt the keys that are stored in an encrypted form. You need to take extra safety measures when dealing with these services because in this kind of wallet your keys are held by someone else and if it's hacked or stolen, you lose all your bitcoins.
2. Desktop Wallets:
These are relatively safe. When such wallets are installed, you will get your bitcoin address and private key in a downloadable and importable file. These importable private keys can be password protected and stored on a memory stick or hard drive. But once you lose the file of the private key, you will lose the bitcoins as well.
3. Hardware Wallets:
These are electronic wallets made to store your private keys offline so that they don’t get hacked. Some hardware wallets come with security grid cards similar to some debit cards in order to verify the transactions. Some also have a little digital screen to verify your transactions. They are tamper proof and come with a limited user interface. In case your device is destroyed, you can retrieve your keys and bitcoins, considering you have a backup code.
4. Paper Wallets:
These are bitcoin private keys printed on a piece of paper. It is an effective way of storing bitcoin private keys offline. They protect the user from a potential desktop or mobile mishap. They can be printed on a paper or stored as a soft copy on a USB or hard drive.
Security depends on choosing a good Private key:
Careless selection of private key can lead to theft. Imagine we want to use a private key that is easy to remember. The number 1 is easy to remember and is a valid private key. But the question is how secure it can be?
The private key 1 generates a certain address. If you follow the address you will notice that address was already involved in a lot of transactions over the last few years.
It’s possible that a thief could spend any available funds at this address because the private key is known to you.
A private key may also be chosen by a random number generator.
But what would happen if the random number generated were not quite random?
What would happen if all the randomly generated private keys were clustered about a constant value within a narrow range?
The clustered distribution limits the search space, favoring the attacker. Any attacker aware of such a defect could drastically reduce the search space. If all the conditions turn out to be favorable, he can steal funds from any one of them at will.
The need to select a good private key becomes highly important with brain wallets. A brain wallet can be created by with paraphrase such as “to be or not to be”, then applies a mathematical function to convert this text to a private key.
It’s not easy to tell what qualifies as a secure brain wallet. Attackers can exploit the uncertainty and inexperience of new users to steal funds. A thief might compile an enormous database of common phrases and passwords and would still be searchable with little computation effort.
Secure private keys are generated with a high degree of unpredictability so that they can’t be guessed.
With a lot of exchange hacks in news, keeping coins in your control is definitely something that you need to be aware of and should actively work towards.
