Strongcoin.com was the first hybrid online Bitcoin wallet. One of the nice features of the wallet is that it provides each user with a PDF that can be printed to provide an encrypted paper wallet. In this article, we walk through the process of recovering your funds from that backup.
Here’s an example, taken from Strongcoin’s website:
In this case, a single user has 6 different private keys. The paper wallet includes a public address, and encrypted version of the private key and a balance at the time that the paper wallet was generated.
You could enter the public address into a blockchain explorer to get the current balance stored on each private key.
There’s a column for “Clue” as well – it isn’t clear (today) whether this was intended for users to simply write in a password clue, or whether you could add a clue from within the Strongcoin.com website and have it print on your paper wallet.
No – the Strongcoin wallet format predates the BIP38 protocol, and it uses a different encryption scheme.
Everything that follows assumes that you know the password to your paper wallet. If you don’t know the password – and you have tried the most likely candidates – then you probably need professional help.
Crypto Asset Recovery can take your paper wallet and your password guesses, and expand them into hundreds of millions, billions or more password variations. We’ll then test each one against your encrypted private key until we find the right password.
If we don’t recover funds, you don’t owe us any money. (If we do recover funds we take 20% of funds recovered). Interested in more information? Please contact us.
Strongcoin explained how they encrypt the private keys in their paper wallet back in October of 2011.
Strongcoin uses the highly-regarded open source encryption software called OpenSSL to encrypt private keys in the paper wallet. You can decrypt your private keys using the same software.
OpenSSL offers support for more than 100 different cryptographic algorithms, or ciphers.
A cipher is used to transform data, making it unreadable and secure from unauthorized access. It involves a series of well-defined steps that involve substitution, transposition, or both to convert plain text into encrypted text (ciphertext) and vice versa.
Strongcoin used a cipher called AES-256-CBC. The Advanced Encryption Standard (AES) is a widely-used symmetric encryption algorithm. AES-256-CBC, in particular, refers to a 256-bit key size and the Cipher Block Chaining (CBC) mode of operation. The 256-bit key size offers a high level of security, while the CBC mode ensures that even identical plaintext blocks are encrypted differently, providing an additional layer of security against pattern recognition attacks.
Let’s imagine for a second, that you have a Strongcoin.com wallet, and that your unencrypted private key is: 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF
You would like to encrypt that private key with the password: OpenSesame
Once you installed the OpenSSL libraries on your computer, you could create an encrypted private key with the following command:
echo "5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF" | openssl enc -e -aes-256-cbc -a -k OpenSesame
U2FsdGVkX1+m4PKpcBfkuRmmklQ5nA2WFq17zKEfJndwrvSb6Hb5ACsVgkw4J+wc
vaiFfwQ9AaQaFTa6dUx51gMuCv+Rtz2iycvZWYP0Rrw=
The two lines beginning with “U2Fs” and “vaiF” represent your encrypted private key.
For fun, execute that same command a second time, and notice how the encrypted private key has changed! That’s the magic of CBC mode:
echo "5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF" | openssl enc -e -aes-256-cbc -a -k OpenSesame
U2FsdGVkX18D+Cljo/dm2es1MeBMUR4BStRbYsciKLBCObM4xR9tzeIUsLHwIF6d
CxircUKMIAUMSKZXXRtIWyEMQsea/uglA6c1Y37gM14=
I’m going to ignore that second encrypted private key away now – the point was just to show CBC in action.
For full compatibility with the Strongcoin paper wallet, you’d need to break that two-line private key into four lines after character 31 on each line:
U2FsdGVkX1+m4PKpcBfkuRmmklQ5nA2
WFq17zKEfJndwrvSb6Hb5ACsVgkw4J+wc
vaiFfwQ9AaQaFTa6dUx51gMuCv+Rtz2
iycvZWYP0Rrw=
Let’s store that encrypted private key in a text file called: key.txt
Now, using this sample data, let’s decrypt it and make sure that we get the unencrypted private key that we started with:
openssl enc -d -aes-256-cbc -in key.txt -a -k OpenSesame
5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF
Perfect! We have now encrypted and decrypted a private key using the methodology that Strongcoin uses.
It’s worth mentioning that anyone that has your unencrypted private key can take all of your funds. So, you should take some basic precautions:
If you have any questions, feel free to contact CryptoAssetRecovery.com.