Bitcoin Forum
September 25, 2018, 06:21:31 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: found an online complex random word generator, better for creating private seed?  (Read 72 times)
anticonformist
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
May 20, 2018, 05:28:06 AM
 #1

I found this online website http://listofrandomwords.com/ which can generate random words from i think 10's of thousands of words, and where as electrum only chooses from a list of 1626 words as far as i know. And the words it generates are very complex and not often used where as electrum's words are simple and used everyday. So why doesn't electrum use more words or this program to generate the private seed?
1537899691
Hero Member
*
Offline Offline

Posts: 1537899691

View Profile Personal Message (Offline)

Ignore
1537899691
Reply with quote  #2

1537899691
Report to moderator
1537899691
Hero Member
*
Offline Offline

Posts: 1537899691

View Profile Personal Message (Offline)

Ignore
1537899691
Reply with quote  #2

1537899691
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537899691
Hero Member
*
Offline Offline

Posts: 1537899691

View Profile Personal Message (Offline)

Ignore
1537899691
Reply with quote  #2

1537899691
Report to moderator
Abdussamad
Legendary
*
Offline Offline

Activity: 1862
Merit: 1064



View Profile WWW
May 20, 2018, 06:42:26 AM
Merited by pooya87 (1)
 #2

- Trusting that site with your seed is a bad idea. The seed is only secure if only you know it.

- The source of the random number matters more than the size of the dictionary. Who knows where that site gets its random numbers from? Electrum uses the cryptographically secure random number generator provided by your operating system. It is this that gets encoded as the seed mnemonic.

- A larger dictionary is possible. You can replace the Electrum dictionary with your own custom one. The default dictionaries are found in the wordlist subdirectory. for example in /usr/lib/python3.4/site-packages/electrum/wordlist/ on linux.

- I tried it with the EFF word list combined with the Electrum one and it only reduced the seed length from 12 words to 11. So not a big difference. The combined list with duplicate words removed is here: https://pastebin.com/Kn3J6CGa . The electrum dictionary is 2048 words while this one is nearly 9000 words.

- The words in the dictionary have to satisfy certain criteria. Similar sounding words are not a good idea. Words that have similar spellings are also out. Uncommon words are not a good idea either.




bob123
Hero Member
*****
Offline Offline

Activity: 686
Merit: 568



View Profile WWW
May 20, 2018, 12:47:26 PM
 #3

I found this online website http://listofrandomwords.com/ which can generate random words from i think 10's of thousands of words, and where as electrum only chooses from a list of 1626 words as far as i know.

IIRC, electrum uses the same words as BIP39. This would there are 2048 words, not 1626.
The problem with this site is, that you don't know how these words are created. What kind of RNG is being used is the most important thing regarding security here.
A bad PRNG can decrease the search space to ~0.5 - 1%. Therefore the highest priority should be to have enough entropy.



And the words it generates are very complex and not often used where as electrum's words are simple and used everyday. So why doesn't electrum use more words or this program to generate the private seed?

It doesn't metter whether the words are simple or complex.
The 'randomness' and the char size is what matters. And 12 words out of 2048 is almost as secure as the private-/public-key stucture of BTC itself. Not possible to be bruteforced.

Using a bigger dictionary would not bring any relevant benefit.

HCP
Hero Member
*****
Offline Offline

Activity: 728
Merit: 925

<insert witty quote here>


View Profile
May 20, 2018, 01:39:37 PM
 #4

- The words in the dictionary have to satisfy certain criteria. Similar sounding words are not a good idea. Words that have similar spellings are also out. Uncommon words are not a good idea either.
I never quite understood this claim of BIP39...

Especially when you can obviously see similar words like:

arm/army
blue/blur
box/boy
call/calm
east/easy
kit/kite
kid/kind
maid/mail/main

etc etc... Roll Eyes Huh

They make this a "rule" of ideal wordlists and then develop the "default" English wordlist that completely ignores it... Roll Eyes

ETFbitcoin
Legendary
*
Online Online

Activity: 1442
Merit: 1106

Use SegWit and enjoy lower fees


View Profile
May 20, 2018, 02:34:15 PM
 #5

As long as they use proper random algorithm such as CSPRNG, you can use their service/software offline and it's open source, i think it's good enough to create your own mnenomic seed.
But, if your goal is to make a nmemonic seed that you can remember, you should use seed generator based on things that you could remember such as Seedshift - Encrypt/decrypt your BIP-39 seed words with a date shift cipher. I've no idea how secure this Seedshift though.

Use SegWit and enjoy lower fees
hatshepsut93
Hero Member
*****
Offline Offline

Activity: 910
Merit: 601


Vires in numeris


View Profile
May 20, 2018, 06:33:10 PM
 #6

I found this online website http://listofrandomwords.com/ which can generate random words from i think 10's of thousands of words, and where as electrum only chooses from a list of 1626 words as far as i know. And the words it generates are very complex and not often used where as electrum's words are simple and used everyday. So why doesn't electrum use more words or this program to generate the private seed?

It's a pretty common mistake among newbies to overthink stuff like bits of security and encryption algorithms - those are well-tested and reviewed and deemed secure by experts, if Electrum had some flaws here, everyone would be talking about it. But Electrum's ~128 bits of entropy are enough for any user, and by trying to get more security inexperienced users can actually weaken their security or even expose themselves to malware. It's better to spend your time on creating isolated environment for signing transactions, strengthening your online accounts with 2FA and so on - those are attacked way more often than some theoretical brute-force attacks on seeds.

HCP
Hero Member
*****
Offline Offline

Activity: 728
Merit: 925

<insert witty quote here>


View Profile
May 21, 2018, 09:46:37 PM
 #7

.... So why doesn't electrum use more words or this program to generate the private seed?
Because the "seed" is not actually words... The seed, like other HD wallets, is actually just a (VERY) large number. The seed mnemonic (ie. the words) is just a method for representing that very large number that makes more sense to humans and is (somewhat) less error prone to transcription errors that attempting to write down a 128 char hex sequence. Tongue

In any case... you CAN use custom word lists to build a seed mnemonic if you wish... this is even mentioned in BIP39:
The conversion of the mnemonic sentence to a binary seed is completely independent from generating the sentence. This results in rather simple code; there are no constraints on sentence structure and clients are free to implement their own wordlists or even whole sentence generators, allowing for flexibility in wordlists for typo detection or other purposes.
The problem is that by using custom systems, you remove compatibility with other wallets... so you'd be effectively locked into whatever wallet you were using.


Also, as previously mentioned, it isn't the length or complexity of the words themselves that protect you... it is the entropy used to initially create the sequence of "random" words... and 2048 words is enough to encode up to 256 bits of entropy:
The mnemonic must encode entropy in a multiple of 32 bits. With more entropy security is improved but the sentence length increases. We refer to the initial entropy length as ENT. The allowed size of ENT is 128-256 bits.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!