Best/easiest way to generate a private key with XX sided dice. 16? 60?

[Chris!]

I've been thinking about grabbing some 16 sided dice, rolling them 64 times, converting the rolls to hex then punching that into bitaddress.org or segwitaddress.org.

I was trying to think of a way to avoid that step and was looking at 58 and 60 sided dice. Of course 58 sided dice aren't fair (different shapes/sizes) so I wouldn't go with that, but 60 may be an option. I could just reroll if I rolled a 59 or 60.

This leaves me with one issue. Is that even going to help me generate a private key? It would have to go through some checks so it's in the right format, so would it be worth buying such a random die, or would getting hex dice and converting that make more sense?

Side note, is it "more random" to flip a coin 256x, roll a 6-sided die 99x or roll a 16-sided die 64x? If you know of where I can read up on probability/entropy please let me know. I'd rather learn it for myself so I really understand it. Any other simple/quick entropy sources would be welcomed as well. I'm just trying to save myself some time when generating private keys for cold storage and I don't trust other entropy sources since idk where they get it from or how it works. Thanks!

[odolvlobo]

I've been thinking about grabbing some 16 sided dice, rolling them 64 times, converting the rolls to hex then punching that into bitaddress.org or segwitaddress.org.

I was trying to think of a way to avoid that step and was looking at 58 and 60 sided dice. Of course 58 sided dice aren't fair (different shapes/sizes) so I wouldn't go with that, but 60 may be an option. I could just reroll if I rolled a 59 or 60.

This leaves me with one issue. Is that even going to help me generate a private key? It would have to go through some checks so it's in the right format, so would it be worth buying such a random die, or would getting hex dice and converting that make more sense?

Side note, is it "more random" to flip a coin 256x, roll a 6-sided die 99x or roll a 16-sided die 64x? If you know of where I can read up on probability/entropy please let me know. I'd rather learn it for myself so I really understand it. Any other simple/quick entropy sources would be welcomed as well. I'm just trying to save myself some time when generating private keys for cold storage and I don't trust other entropy sources since idk where they get it from or how it works. Thanks!

You can't randomly generate a base-58 WIF private key directly because some of the bits contain non-random data. So you are going to have to generate a random 256-bit value and convert the result to a private key. Also, keep in mind that not all 256-bit values are valid private keys.

Basically, the number of N-sided dice you must roll to get 256 bits of entropy is 177.446 / ln N.

[Chris!]

You can't randomly generate a base-58 WIF private key directly because some of the bits contain non-random data. So you are going to have to generate a random 256-bit value and convert the result to a private key. Also, keep in mind that not all 256-bit values are valid private keys.

Basically, the number of N-sided dice you must roll to get 256 bits of entropy is 177.446 / ln N.

Do you know where I can read up on entropy? I'm not sure what that means or how to calculate it.

Any other simple/quick entropy sources would be welcomed as well. I'm just trying to save myself some time when generating private keys for cold storage and I don't trust other entropy sources since idk where they get it from or how it works. Thanks!

How about mouse movement? I seriously doubt it can be "recreated" easily since there are many factors from mouse type, DPI, mousepad surface, user's mood & many more.

The only problem is understanding library which used to generate entropy & you generate it while you're visiting website which track user's mouse movement.

Do you know how would I record mouse movements and/or how could I could use that as an entropy source? I know bitaddress uses this method but then at the same time idk if it's using JavaScript cryptography, which isn't secure enough for a Bitcoin private key IMO.

[bob123]

Do you know where I can read up on entropy? I'm not sure what that means or how to calculate it.

https://en.wikipedia.org/wiki/Entropy_(computing)

I know bitaddress uses this method but then at the same time idk if it's using JavaScript cryptography, which isn't secure enough for a Bitcoin private key IMO.

Do you know how would I record mouse movements and/or how could I could use that as an entropy source? Javascript itself is just a language. This doesn't say anything about the way the entropy is collected and the quality of the PRNG at all.

You could simply use /dev/random of a unix system.
The linux kernel uses mouse movements, inter-keyboard timings, CPU interrupts and other non-deterministic events to gather entropy.

That's definitely random enough to generate a private key.

[Chris!]

https://en.wikipedia.org/wiki/Entropy_(computing)

Haha I'll see if I can wrap my head around this, but if not at least I can check the sources. Thanks!

Javascript itself is just a language. This doesn't say anything about the way the entropy is collected and the quality of the PRNG at all.

I was referring to a talk by... Who was it... Greg Maxwell? I think it was referring to blockchain.info or other websites and how they gather entropy using a poor method. I just don't use any other entropy source (for cold storage anyway) since idk how they work and therefore can't trust them. It's a huge problem being super paranoid but not having coding skills!

You could simply use /dev/random of a unix system.
The linux kernel uses mouse movements, inter-keyboard timings, CPU interrupts and other non-deterministic events to gather entropy.

That's definitely random enough to generate a private key.

Awesome! I'll test that out. Man I wish I asked a few years ago. Would have saved me approx 749283700 dice rolls. . Thanks!

[theymos_away]

https://en.bitcoin.it/wiki/Passphrase_generation#Using_dice

[DaCryptoRaccoon]

While dice is a fantastic way to do things I would look for another way to generate the addresses other that bitaddress.
While some will say it's ok to use I still think if your going to go the route of dice then you might aswell generate the addresses on your own too.

This has been used in the past it uses (CSPRNG) in your browser as its source of entropy instead of rolling physical dice.

https://github.com/grempe/diceware