Since I have a BitCoin Wallet now I figure I should probably have an encrypted offline storage mechanism for all the keys and the wallet file itself. If best practices have been followed then your Wallet is password protected already, but let’s go ONE MORE step and encrypt them on a USB drive.
So far TrueCrypt rocks. The user interface is extremely unhelpful to n00bs up front but once you straighten things out it should prove easy to use.
Here we see that I’ve mounted the 100MB file F:/SwissMemory-100.tc as drive S. Drive F is where the USB key actually is and Drive S is the new virtual encrypted drive.
- Download True Crypt
- Download True Crypt Key and Signature (another blog post for PGP)
- Verify signature with PGP tool of choice
- Install
- Plug in your favorite USB drive
- Choose the Create Volume button and a Wizard launches
- Select encrypted volume and make a .tc file of the desired size on the USB key. If you just want to store some small files you can make a pretty small volume. It’ll be a small opaque file on the USB drive. There are other options to encrypt the entire volume but honestly my resume and other assorted files on there don’t need encrypting. This means the USB drive can still be used in other computers without TrueCrypt installed. You’ll only need TrueCrypt to get access to what you keep in the encrypted part.
- Create a long ass random password for the volume. (LastPass is what I’m using for this. Another blog post is required for comparing password managers).
- Change the TrueCrypt preferences to auto open Explorer window for mounted volume.
- In TrueCrypt select your newly created .tc file to mount as a drive letter. You’ll have to enter that super long password again. This should cause the folder to open automatically on your desktop.
- Copy all of your important files into this folder. It’ll show up as a new drive that you can manage natively from your PC.
There you go – now you’ve securely stored your key files and wallet files. If you drop the USB drive somewhere it’s safe from prying eyes and your BitCoins won’t be stolen.
This DOES NOT protect you from someone either extorting you to provide the password or an agent of the law / court ordering you to provide the password. In this case a Hidden Volume would be required to have plausible deniability that any encrypted volume EVEN EXISTS.
Check out this pretty cool TrueCrypt article on what they call a hidden volume. It’s neat how they do it.