Bitcoin Forum
December 04, 2016, 10:39:04 PM *
Author Topic: [ANN] bitaddress.org Safe JavaScript Bitcoin address/private key  (Read 109978 times)
smoothie
April 28, 2014, 05:03:35 AM
 #621

How would you equate this with the dice roll method in the Wallet Detail tab of the html utility?
In principle, no difference.  But when the average person takes a deck of cards and gives it a few shuffles, the deck may have some residual order.  I don't think a fair die exhibits the same potential weakness.  Physical intuition tells me that as long as the die bounces a few times before settling down, the result is essentially unpredictable.  So in this respect, cards may be the weaker choice.

Having said that, I still think that cards are quite adequate for generating entropy, as long as you know what you're doing.  Start by reading the wikipedia page on card shuffling:


http://en.wikipedia.org/wiki/Shuffling
I find this sentence particularly interesting:
"seven shuffles of a new deck leaves an 81% probability of winning New Age Solitaire where the probability is 50% with a uniform random deck"

Considering the sophistication of hackers and the computing power at their command, having any residual pattern to the arrangement of the cards poses a risk.  If cards become a commonly used technique for generating passphrases, the hackers will know about it and tailor their cracking techniques to any pattern known to result from weak shuffling.  Therefore

Good shuffling is critically important.  

I don't limit my shuffling to riffles.  I also use an overhand shuffle where I hold the deck in my right hand and slide a few cards at a time off the top of the deck into my left hand.  This is a very easy shuffle.  I guess a dozen overhand shuffles alternating with a dozen riffles would do it, but considering how easy and quick it is to shuffle a deck of cards, it wouldn't hurt you to do more.  

Each passphrase only uses a couple of dozen cards, so you can generate two passphrases from a shuffled deck.

Thanks. I find it interesting that in this day of the digitalization of money, we find ourselves resorting to physical means for maximum security, ie, RNGs and paper wallets.

How is a RNG a physical means for maximum security? Am I missing something?

cypherdoc
April 28, 2014, 06:44:06 AM
 #622

How would you equate this with the dice roll method in the Wallet Detail tab of the html utility?
In principle, no difference.  But when the average person takes a deck of cards and gives it a few shuffles, the deck may have some residual order.  I don't think a fair die exhibits the same potential weakness.  Physical intuition tells me that as long as the die bounces a few times before settling down, the result is essentially unpredictable.  So in this respect, cards may be the weaker choice.

Having said that, I still think that cards are quite adequate for generating entropy, as long as you know what you're doing.  Start by reading the wikipedia page on card shuffling:


http://en.wikipedia.org/wiki/Shuffling
I find this sentence particularly interesting:
"seven shuffles of a new deck leaves an 81% probability of winning New Age Solitaire where the probability is 50% with a uniform random deck"

Considering the sophistication of hackers and the computing power at their command, having any residual pattern to the arrangement of the cards poses a risk.  If cards become a commonly used technique for generating passphrases, the hackers will know about it and tailor their cracking techniques to any pattern known to result from weak shuffling.  Therefore

Good shuffling is critically important.  

I don't limit my shuffling to riffles.  I also use an overhand shuffle where I hold the deck in my right hand and slide a few cards at a time off the top of the deck into my left hand.  This is a very easy shuffle.  I guess a dozen overhand shuffles alternating with a dozen riffles would do it, but considering how easy and quick it is to shuffle a deck of cards, it wouldn't hurt you to do more.  

Each passphrase only uses a couple of dozen cards, so you can generate two passphrases from a shuffled deck.

Thanks. I find it interesting that in this day of the digitalization of money, we find ourselves resorting to physical means for maximum security, ie, RNGs and paper wallets.

How is a RNG a physical means for maximum security? Am I missing something?

Normally they aren't, but with the recent vulnerabilities in PRNGs seen in Android and the DRBG curve, and potentially in other hardware with the NSA revelations, here we have people turning to dice and card shuffling as the optimum and safest means to generate random seeds.
birr
May 01, 2014, 01:02:41 AM
 #623

It occurs to me that if one wants to go to the trouble of generating truly random strings, then you don't have to go through bitaddress.org to make your key.
Bitaddress.org uses a hash to generate a 256 bit number from your passphrase.  But if you are going to generate entropy legitimately, you can just cut straight to the chase.  Skip the hash.  Generate a 256 bit random number and use the number itself as the payload.  This 256 bits is your real private key; you just have to encode it in base58check (Wallet Import Format) to make a key you can use.  There's a fairly simple process to do that, involving a couple of hashes to generate the checksum (this is built into Bitaddress.org, but you are skipping the passphrase hashing step so you have to do the encoding yourself).  
Any linux distro ought to be able to do the hashes.
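The encoding step described in the post above, as an added example that is not part of the original post and is not bitaddress.org's code. It runs under Node.js; the function names are hypothetical and the sample key is a publicly known test key used here only as constructed input.

```javascript
const { createHash } = require("crypto");

const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
const sha256 = (buf) => createHash("sha256").update(buf).digest();
// Base58Check checksum: first 4 bytes of SHA256(SHA256(payload)).
const checksum = (payload) => sha256(sha256(payload)).subarray(0, 4);

// Base58: read the bytes as one big-endian integer and write it in base 58.
// Every leading 0x00 byte is written as a literal "1".
function base58Encode(bytes) {
  let n = bytes.length ? BigInt("0x" + bytes.toString("hex")) : 0n;
  let out = "";
  for (; n > 0n; n /= 58n) out = ALPHABET[Number(n % 58n)] + out;
  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) out = "1" + out;
  return out;
}

function base58Decode(text) {
  let n = 0n;
  for (const ch of text) {
    const digit = ALPHABET.indexOf(ch);
    if (digit < 0) throw new Error("invalid Base58 character: " + ch);
    n = n * 58n + BigInt(digit);
  }
  let hex = n === 0n ? "" : n.toString(16);
  if (hex.length % 2) hex = "0" + hex;
  let zeros = 0;
  while (zeros < text.length && text[zeros] === "1") zeros++;
  return Buffer.concat([Buffer.alloc(zeros), Buffer.from(hex, "hex")]);
}

// WIF = Base58(0x80 || 32-byte key || [0x01 if compressed pubkey] || checksum)
function privateKeyToWif(hexKey, compressed = false) {
  if (!/^[0-9a-fA-F]{64}$/.test(hexKey)) throw new Error("need exactly 64 hex characters");
  const parts = [Buffer.from([0x80]), Buffer.from(hexKey, "hex")];
  if (compressed) parts.push(Buffer.from([0x01]));
  const payload = Buffer.concat(parts);
  return base58Encode(Buffer.concat([payload, checksum(payload)]));
}

// Reverse direction: a mistyped character fails the checksum instead of
// silently decoding to a different key.
function wifToPrivateKey(wif) {
  const raw = base58Decode(wif);
  if (raw.length !== 37 && raw.length !== 38) throw new Error("wrong length for WIF");
  const payload = raw.subarray(0, raw.length - 4);
  if (!checksum(payload).equals(raw.subarray(raw.length - 4))) throw new Error("bad checksum");
  if (payload[0] !== 0x80) throw new Error("not a mainnet private key");
  return payload.subarray(1, 33).toString("hex");
}

// Constructed input: a publicly known test key. Never fund a published key.
const SAMPLE_KEY = "0c28fca386c7a227600b2fe50b7cae11ec86d3bf1fbe471be89827e19d72aa1d";
console.log(privateKeyToWif(SAMPLE_KEY));
```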
cypherdoc
May 01, 2014, 01:08:21 AM
 #624

It occurs to me that if one wants to go to the trouble of generating truly random strings, then you don't have to go through bitaddress.org to make your key.
Bitaddress.org uses a hash to generate a 256 bit number from your passphrase.  But if you are going to generate entropy legitimately, you can just cut straight to the chase.  Skip the hash.  Generate a 256 bit random number and use the number itself as the payload.  This 256 bits is your real private key; you just have to encode it in base58check (Wallet Import Format) to make a key you can use.  There's a fairly simple process to do that, involving a couple of hashes to generate the checksum (this is built into Bitaddress.org, but you are skipping the passphrase hashing step so you have to do the encoding yourself).  
Any linux distro ought to be able to do the hashes.


did you mean "Skip the passphrase"?
birr
May 01, 2014, 01:32:11 AM
 #625

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.
cypherdoc
May 01, 2014, 01:54:54 AM
 #626

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?
birr
May 01, 2014, 02:07:38 AM
 #627

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?
I had to go look at the bitaddress.org website to see what you're talking about.
I didn't know bitaddress.org had a place where you could input a raw number as a key, and have it do the WIF conversion for you.
Whether you use random.org, dice or cards, it's the same thing.  You generate a 256 bit number (randomly).  That's your key.
Actually, 6^99 = 2^255.9112876 so it's not ezackly 256 bits.
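The two conversions discussed in posts #625 and #627 (sixteen numbers in 0..65535, and 99 die rolls), as an added example that is not part of the original posts and is not bitaddress.org's code. It goes one step beyond the posts by checking that the result lies in the valid secp256k1 private key range; the function names, the face-to-digit mapping for dice and the sample values are assumptions made for this example.

```javascript
// Order n of the secp256k1 group. A usable private key k satisfies 1 <= k < n.
const SECP256K1_N = BigInt(
  "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");

function toKeyHex(k) {
  if (k < 1n || k >= SECP256K1_N) throw new Error("outside 1..n-1, draw again");
  return k.toString(16).padStart(64, "0");
}

// Sixteen decimal values in 0..65535 -> 64 hex characters.
// Each value must be left-padded to four hex digits: 3112 is "0c28", not "c28".
// Dropping the padding silently shortens the key.
function keyFromUint16s(values) {
  if (values.length !== 16) throw new Error("need exactly 16 values");
  const hex = values.map((v) => {
    if (!Number.isInteger(v) || v < 0 || v > 65535) throw new Error("not in 0..65535: " + v);
    return v.toString(16).padStart(4, "0");
  }).join("");
  return toKeyHex(BigInt("0x" + hex));
}

// 99 die rolls read as one 99-digit base-6 number.
// Assumed mapping for this example: face f contributes digit f - 1.
function keyFromDice(rolls) {
  if (rolls.length !== 99) throw new Error("need exactly 99 rolls");
  let k = 0n;
  for (const f of rolls) {
    if (!Number.isInteger(f) || f < 1 || f > 6) throw new Error("not a die face: " + f);
    k = k * 6n + BigInt(f - 1);
  }
  return toKeyHex(k);
}

// Upper bound on the entropy of `count` fair rolls, in bits (log2 of 6^count).
const diceEntropyBits = (count) => count * Math.log2(6);

// Constructed sample input (the 16-bit words of a publicly known test key;
// never fund a published key).
const SAMPLE_VALUES = [3112, 64675, 34503, 41511, 24587, 12261, 2940, 44561,
  60550, 54207, 8126, 18203, 59544, 10209, 40306, 43549];
console.log(keyFromUint16s(SAMPLE_VALUES));
console.log(diceEntropyBits(99).toFixed(7));
```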
cypherdoc
May 01, 2014, 02:12:07 AM
 #628

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?
I had to go look at the bitaddress.org website to see what you're talking about.
I didn't know bitaddress.org had a place where you could input a raw number as a key, and have it do the WIF conversion for you.
Whether you use random.org, dice or cards, it's the same thing.  You generate a 256 bit number (randomly).  That's your key.
Actually, 6^99 = 2^255.9112876 so it's not ezackly 256 bits.

Yep, not ezackly ;)

But I think it's better because it's a physical method not susceptible to a website compromise.
cypherdoc
May 01, 2014, 02:34:18 AM
 #629

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/
birr
May 03, 2014, 05:57:45 PM
 #630

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/
Touche'
Looks like both url's go to www.random.org, the difference is whether you use SSL, am I right about that? 

Depending on what you want to use it for, you might want to make sure you get the one that uses SSL.
cypherdoc
May 03, 2014, 06:05:24 PM
 #631

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/
Touche'
Looks like both url's go to www.random.org, the difference is whether you use SSL, am I right about that?  

Depending on what you want to use it for, you might want to make sure you get the one that uses SSL.

yes, https is an encrypted tunnel that should be your default whenever possible.

you don't want the NSA accusing you of generating Bitcoin keys now do you?  ;)

plus, i wonder if http://www.random.org/ is a monitored site?
birr
May 03, 2014, 06:19:36 PM
 #632


you don't want the NSA accusing you of generating Bitcoin keys now do you?  ;)

plus, i wonder if http://www.random.org/ is a monitored site?
You are so harshing my mellow!
Time to get a VPN?  Or use a live USB with tails, which goes through tor.  But the tor exit node might just be run by the NSA. :o
bruter
May 16, 2014, 08:07:15 AM
 #633

pointbiz

SHA1 is compromised and it is possible to make a file with the same SHA1 hash as the one published here on the first page.

Can you change the verification algorithm to a more secure one, please?
Newar
June 02, 2014, 11:03:56 AM
 #634

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
silversurfer1958
June 13, 2014, 12:46:58 PM
 #635

I understand that Devs don't like Brainwallets because they know people are going to resort to the same sort of easy to remember  passwords that they already use.
What's needed is a way of hardening private keys generated by Brainwallets from attack from Rainbow table generation.

I understand that the way brainwallets are created now is Sha256(Pswd)

Wouldn't a simple way to slow down the creation of rainbow tables be to use Sha256(Bcrypt(Pswd))?

It would never protect a truly bad password like 'password123' but would help harden moderately good passwords from attack.
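The construction proposed in the post above, next to the plain one, as an added example that is not part of the original post and is not bitaddress.org's code. Node's built-in scrypt stands in for bcrypt here, and the salt argument, cost parameters and function names are assumptions made for this example.

```javascript
const { createHash, scryptSync } = require("crypto");

const sha256Hex = (data) => createHash("sha256").update(data).digest("hex");

// The scheme the post describes as current practice: key = SHA256(passphrase).
// One fast hash per guess, and identical output for every user of the same phrase.
function plainBrainwallet(passphrase) {
  return sha256Hex(Buffer.from(passphrase, "utf8"));
}

// Assumed cost parameters for this example (about 16 MiB of memory per guess).
const COST = { N: 2 ** 14, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Proposed hardening: key = SHA256(KDF(passphrase)).
// A brainwallet must be reproducible from memory, so the salt cannot be random;
// it has to be something the owner can restate exactly (assumed here: an e-mail
// address). The salt is what makes one precomputed table useless across users;
// the cost parameters are what make each individual guess slow.
function stretchedBrainwallet(passphrase, salt) {
  if (typeof salt !== "string" || salt.length === 0) throw new Error("salt required");
  const stretched = scryptSync(Buffer.from(passphrase, "utf8"),
                               Buffer.from(salt, "utf8"), 32, COST);
  return sha256Hex(stretched);
}

// Average wall-clock milliseconds per derivation, to compare the two schemes.
function millisPerGuess(derive, rounds) {
  const start = process.hrtime.bigint();
  for (let i = 0; i < rounds; i++) derive("guess-" + i);
  return Number(process.hrtime.bigint() - start) / 1e6 / rounds;
}

// Constructed sample inputs.
const PHRASE = "correct horse battery staple";
const SALT = "alice@example.com";
console.log("plain    :", plainBrainwallet(PHRASE));
console.log("stretched:", stretchedBrainwallet(PHRASE, SALT));
console.log("ms/guess plain    :", millisPerGuess(plainBrainwallet, 1000).toFixed(4));
console.log("ms/guess stretched:",
  millisPerGuess((p) => stretchedBrainwallet(p, SALT), 5).toFixed(1));
```

Both functions return 64 hex characters, so the stretched output can be used anywhere the plain SHA-256 output was. As the post says, this raises the cost per guess but does not rescue a weak passphrase.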

spiccioli
July 03, 2014, 06:49:47 AM
 #636

Hi,

I'm trying to create a BIP38 password protected paper wallet on Windows XP 32-bit using Firefox 30, but it never completes the task; opening the web console I see an out of memory exception a few seconds after it starts making them.

See attached image.

http://imgur.com/BNjhW2r

Normal paper wallets are created without problems.

Best regards.

spiccioli
gadman2
July 21, 2014, 11:05:10 AM
 #637

Is there a way to take this website offline and put it on a thumb drive or an external hard drive? Maybe even a smart phone?

maxmint
July 21, 2014, 11:06:04 AM
 #638

Is there a way to take this website offline and put it on a thumb drive or an external hard drive? Maybe even a smart phone?

You can just download it from GitHub:
https://github.com/pointbiz/bitaddress.org

My PGP-Key: 462D02D8
Verify my messages using keybase: https://keybase.io/maxmint
ljpravnik
July 26, 2014, 10:19:23 PM
 #639

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with these lines:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
// Empty box: generate a new key. Otherwise use the pasted private key.
if (mykey == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};


Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) a new private key.


1CqhMG8fFrtrRJ6kAzJaiaRX7f4KS4EofM
Newar
July 28, 2014, 02:36:18 AM
 #640

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with these lines:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
// Empty box: generate a new key. Otherwise use the pasted private key.
if (mykey == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};


Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) a new private key.



Excellent effort! I will give it a go.

Did you submit a pull request?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins