Bitcoin Forum
Topic: Armory's Entropy on an Offline Computer
RBell (OP)
April 25, 2015, 01:32:59 AM
 #1

Hello!

I know Armory uses a bunch of different sources to generate entropy, but is this still effective when generating addresses on an offline computer?

Could you explain to me how this works?

Thanks!
btchris
a.k.a. gurnec on GitHub
April 25, 2015, 12:08:13 PM
 #2

In addition to the OS's CSPRNG (either /dev/urandom or CryptGenRandom), it also mixes in:
Quote
timestamps, down to the microsecond, of every keypress and mouseclick made during the wallet creation wizard. Also logs mouse positions on every press, though it will be constant while typing. ... Then we throw in the [name,time,size] triplets of some volatile system directories, and the hash of a file in that directory that is expected to have timestamps and system-dependent parameters. Finally, take a desktop screenshot...

Please note that it only uses the sources above if you're creating a wallet via the GUI. If you're using a simple script (e.g. the one I posted a couple of days ago for creating a wallet from a deck of cards), it only uses the OS's CSPRNG for additional entropy.

FYI Bither is the only other wallet I know of which goes to similar lengths for collecting additional entropy like this.
RBell (OP)
April 25, 2015, 09:53:09 PM
 #3

Thanks! Wow yeah that is a lot. My concern is that on an offline computer, won't all that other data it grabs be very similar to other offline computers (who have nothing installed but Armory)? Or is that not a valid concern?

Thanks!
btchris
April 25, 2015, 10:10:32 PM
 #4

You're welcome :)

It is a valid concern. I don't know about Windows, but on Linux and BSDs the good news is that it's very much understood as a valid concern, and as much as possible is done to prevent deterministic RNG results: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/char/random.c?id=refs/tags/v3.15.6#n52

Is it enough? I honestly don't know, it's a difficult problem....
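
An added example, not part of the original posts and not Armory's code: a sketch of mixing OS CSPRNG output with extra sources like the ones quoted in this thread (event timestamps, directory [name,time,size] triplets). The SHA-256 mixing, the length-prefix framing and the names `dir_triplets`, `mix_entropy` and `demo` are assumptions made for illustration. It shows that identical extra data on two machines still yields different seeds as long as the CSPRNG output differs, and that a one-microsecond timestamp difference changes the seed even if the CSPRNG output were constant.

```python
import hashlib
import os
import tempfile


def dir_triplets(path):
    """Return sorted (name, mtime_ns, size) triplets for entries in path."""
    triplets = []
    try:
        with os.scandir(path) as entries:
            for entry in entries:
                try:
                    st = entry.stat(follow_symlinks=False)
                except OSError:
                    continue  # entry vanished or is unreadable; skip it
                triplets.append((entry.name, st.st_mtime_ns, st.st_size))
    except OSError:
        pass  # missing directory contributes nothing, which is harmless
    return sorted(triplets)


def mix_entropy(os_random, extra_sources):
    """SHA-256 over the CSPRNG bytes plus length-prefixed extra sources."""
    h = hashlib.sha256()
    for chunk in (os_random, *extra_sources):
        h.update(len(chunk).to_bytes(8, "big"))  # unambiguous framing
        h.update(chunk)
    return h.digest()


def demo():
    # Constructed sample: two offline installs whose extra sources match.
    same_extra = [b"keypress_us=1429920000000001,1429920000350112",
                  repr(dir_triplets(tempfile.gettempdir())).encode()]
    seed_a = mix_entropy(os.urandom(32), same_extra)
    seed_b = mix_entropy(os.urandom(32), same_extra)
    # Constructed worst case: a CSPRNG that returns constant output.
    stuck = bytes(32)
    t1 = mix_entropy(stuck, [b"keypress_us=1429920000000001"])
    t2 = mix_entropy(stuck, [b"keypress_us=1429920000000002"])
    return {"identical_extra_seeds_differ": seed_a != seed_b,
            "one_microsecond_changes_seed": t1 != t2}


if __name__ == "__main__":
    print(demo())
```
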
RoadStress
April 26, 2015, 08:12:13 AM
 #5

Valid concern, but if the gathered data goes down to the microsecond, and considering that there are various Windows (if that's what you are using) settings that can make the folders differ in size, then the whole process is effective.

RBell (OP)
April 26, 2015, 09:39:43 PM
 #6

Ok, interesting.

But, that being said, it is more than what Bitcoin-qt uses, right? So if you're living by the "low hanging fruit principle", even if Armory is done on an offline computer with only Armory installed, it is better than just using Bitcoin-qt on an online computer?

Or am I wrong?
bitpop
April 26, 2015, 09:50:30 PM
 #7

Using Mycelium Entropy would be really cool
