NoBrainr - a secure and transparent cold address generator in 1024 bytes

[flatfly]

NoBrainr is a little command-line tool that is meant to do only one thing: easily create secure offline addresses with strong yet easy-to-remember private keys, suitable for brain wallets and paper wallets (cold storage.)

Classic 7-word mode:
Wed 11/20/2013  1:23:27.40> nb_create
1J8QaLPakjqd2yUraHwcehmqnjMgCfiy49 == cream lift usher sliver flux poses husk
Wed 11/20/2013  1:23:29.12> nb_create
15iKriJFiNUYwfdUyQ2UPTD9e5EAFDgcus == runes scold ghetto clicks ditch rafts panda
Wed 11/20/2013  1:23:30.89> nb_create
1M8uEahVymjwQNquCHnEYN1dCAcHL31dsi == dice barks green pitch tamper snowy cost
Wed 11/20/2013  1:23:32.71> nb_create
1G2YmiFZmhrQvvCPapTSXLoXF6Dm6FVWSm == fonts night lab! canon atop dx madly

Physical-dice (uber-paranoid) mode:
Wed 11/20/2013  1:25:59.23> nb_create 56231 15421 11454 23665 42325 66242 15524
17nBfyTPeDHZcLXToxCYvLXQXKxJzd8ULj == taint burma aha easy mj prayer well!

Main features:

- makes strong AND easy-to-remember passphrases (bit strength can easily be modified, if needed)
- 100% open source and SHORT source code (as in, less than 1024 bytes!)
- extremely easy to review
- runs 100% offline (standard Python 2.x)
- supports 2 generation modes: from /dev/urandom OR physical dice!
- cross platform: successfully tested on Windows, Linux, OS X, Android and Raspberry Pi


Note: For high amounts, it is strongly recommended to print and save a copy of the passphrase in a secure place (such as a personal or bank vault), to mitigate the risk of forgetting your passphrase after a few months/years.


Downloads on our web page: http://trax.x10.mx/

Hopefully this will help people create safer brainwallets. Feel free to suggest any improvements.
Also, any tips/donations are welcome and will encourage further script and wordlist updates.
Thanks!   Donation address:  1111127SpvabYpoeDoiz5L7QPkfiSh2Q


Credits:

Idea and implementation: svenfaw
Packaging and distribution: flatfly
Portions of code: jeromes

[1713884774]

1713884774

[1713884774]

1713884774

[1713884774]

1713884774

[virtualmaster]

NoBrainr is a new little tool to create hack-proof brainwallets.

Main features:

- makes 90-bit strong easy-to-remember passphrases
- 100% open source
- cross platform

Hopefully this will help people create safer brainwallets.

More details and downloads at the my web page: http://trax.x10.mx/

We'd love to have some feedback, so
Feel free to play with it, review it and suggest any improvements.

I will try it. Thanks

[flatfly]

V1.03 is out, fixing the line endings issue (OSX, Linux) reported on Reddit, and a minor edge case.

[Abdussamad]

The word list could use some improvement. It has letters and symbols in it too.

[flatfly]

The word list could use some improvement. It has letters and symbols in it too.

The word list is based on the standard diceware word list.
Take a look at their FAQ: http://world.std.com/~reinhold/dicewarefaq.html#meaningless

Keep in mind the major benefit of a xkcd/diceware-like approach is to generate passphrases with constant and guaranteed bit strength (which we view as a very important feature.
)

We have tweaked the word list a little bit, removing some of the most offensive or least common words.

[favdesu]

so, did someone review the source code yet? this looks really promising

[flatfly]

so, did someone review the source code yet? this looks really promising

Thanks. Some people looked at it on Reddit, but I would certainly encourage more users and experts to review/test/hack the hell out of it!

The great thing is that the source code is really short, and uses only standard Python libraries, making it extremely easy to review and trust.

[Abdussamad]

The word list could use some improvement. It has letters and symbols in it too.

The word list based on the standard diceware word list.
Take a look at their FAQ: http://world.std.com/~reinhold/dicewarefaq.html#meaningless

Keep in mind the major benefit of a diceware-like approach is to generate passphrases with guaranteed, constant, and easy-to-calculate bit strength.

We have tweaked the word list a little bit, removing some of the most offensive or least common words.

Ok you are right. Good work. I'll try this script out in a VM when I get the chance.

[viriat0]

good work

[favdesu]

run it in a sandbox and it works.

but I'm missing some sort of manual - like how to create it (some people have no idea how to use the shell) and how to use a brain wallet in general

[Patel]

Is nb_create the only command? Can you create your own passphrases and it generates the private and public key?

Anyways, excellent tool I like it

[flatfly]

Is nb_create the only command? Can you create your own passphrases and it generates the private and public key?

Anyways, excellent tool I like it

Thanks!
At this stage, there is only one command. I like little apps that do only one thing but do it properly.

The reason why it doesn't let you select your own passphrase but generates it using a secure RNG is that humans are generally quite bad at choosing high-entropy AND easy to memorize passphrases.  This is why people have been repeatedly burned while playing with brainwallets.  This tool helps you stay on the safe side.

That said, if you are a developer, it is very easy to modify the source code of NoBrainr to make it generate brainwallets based on passphrases of your choosing. However we generally don't want to encourage that, especially as most new users don't have a proper understanding of password entropy.

[dserrano5]

I thought this would be a FAQ but my searches turn out empty.

Code:

$ python NoBrainr.py 
Traceback (most recent call last):
  File "NoBrainr.py", line 2, in <module>
    import ecdsa, binascii, hashlib 
ImportError: No module named ecdsa

I tried to stick a couple of lines to the beginning of the script to reuse electrum's version of ecdsa:

Code:

import sys
sys.path.append ('/home/electrum/Electrum-1.7.4/ecdsa')

To no avail:

Code:

$ python NoBrainr.py 
Traceback (most recent call last):
  File "NoBrainr.py", line 9, in <module>
    secp256k1=ecdsa.curves.Curve('secp256k1',secp256k1curve,secp256k1point,(1,3,132,0,10))
AttributeError: 'module' object has no attribute 'curves'

I see a couple of python-ecdsa modules in github. Is one of them the correct one? Isn't there a central repository of python modules a la Perl's CPAN?

[flatfly]

Could you try 'sudo pip install ecdsa'?

I will try to add a little FAQ on the website as time permits.

[dserrano5]

Could you try 'sudo pip install ecdsa'?

Thank you, that did it.

[flatfly]

A new release (1.043) is now available.
The code is even shorter (999 bytes!), and dozens of entries in the wordlist have been updated with more intuitive words.

Reminder: Linux and Mac versions require the latest release of the ecdsa library:  sudo pip install ecdsa

[flatfly]

PGP signatures for the current version:

Windows executable (v1.043):

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQBSXwYq0dQqIfkZdf4RAiUUAJ475BKvisVtIVubg2DIYkrdexE+7ACgoL4Q
S/jRzIjS2CB+9SFYH4nqnDA=
=t1Jq
-----END PGP SIGNATURE-----


NOBRAINER.PY signature (v1.043):

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQBSXwb00dQqIfkZdf4RAt/8AJsE5Jdnpr152n4puikNOAjTUhBdNwCfcZAW
uglVEY6LH99BGoSPrTk0Dlw=
=JUcE
-----END PGP SIGNATURE-----

[Luke-Jr]

- makes 90-bit strong and easy-to-remember passphrases (this can be modified if needed)

Contradiction? How is 90-bit strong when the norm is 256-bit?
And usually "easy-to-remember" and "strong" are inherently opposites...

[flatfly]

- makes 90-bit strong and easy-to-remember passphrases (this can be modified if needed)

Contradiction? How is 90-bit strong when the norm is 256-bit?
And usually "easy-to-remember" and "strong" are inherently opposites...

Well, what's the point of using 256-bit passwords?
Of course there is always a trade-off between "easy-to-remember" and "strong".

A 90-bit passphrase, *IF* randomly generated (as this script is doing), has
NEVER been cracked and it will most likely not be in our lifetimes. Sure, 256-bit is nicer, but completely overkill in the context of password strength, and who would be able to remember it on the long run?

I would be happy to be proven wrong on this choice, and remain open to discussion.

Of course the paranoid can always tweak the script to generate even stronger passphrases.
But I think 99.99% of brainwallet users would be extremely safe with a standard 7-word NoBrainr passphrase.

EDIT: A relevant quote from the Diceware FAQ that I like is:

"Of course, if you are worried about an organization that can break a seven-word passphrase, there are a number of other issues you should be concerned with -- such as how well you pay the team of armed guards that are protecting your computer 24 hours a day."
 

[flatfly]

Could someone with a Raspberry Pi try it out and let me know if it works fine? That would be great.