[ANN] bitaddress.org Safe JavaScript Bitcoin address/private key

[birr]

It occurs to me that if one wants to go to the trouble of generating truly random strings, then you don't have to go through bitaddress.org to make your key.
Bitaddress.org uses a hash to generate a 256 bit number from your passphrase.  But if you are going to generate entropy legitimately, you can just cut straight to the chase.  Skip the hash.  Generate a 256 bit random number and use the number itself as the payload.  This 256 bits is your real private key; you just have to encode it in base58check (Wallet Import Format) to make a key you can use.  There's a fairly simple process to do that, involving a couple of hashes to generate the checksum (this is built into Bitaddress.org, but you are skipping the passphrase hashing step so you have to do the encoding yourself).  
Any linux distro ought to be able to do the hashes.

[cypherdoc]

It occurs to me that if one wants to go to the trouble of generating truly random strings, then you don't have to go through bitaddress.org to make your key.
Bitaddress.org uses a hash to generate a 256 bit number from your passphrase.  But if you are going to generate entropy legitimately, you can just cut straight to the chase.  Skip the hash.  Generate a 256 bit random number and use the number itself as the payload.  This 256 bits is your real private key; you just have to encode it in base58check (Wallet Import Format) to make a key you can use.  There's a fairly simple process to do that, involving a couple of hashes to generate the checksum (this is built into Bitaddress.org, but you are skipping the passphrase hashing step so you have to do the encoding yourself).  
Any linux distro ought to be able to do the hashes.

did you mean "Skip the passphrase"?

[birr]

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

[cypherdoc]

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?

[birr]

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?

I had to go look at the bitaddress.org website to see what you're talking about.
I didn't know bitaddress.org had a place where you could input a raw number as a key, and have it do the WIF conversion for you.
Whether you use random.org, dice or cards, it's the same thing.  You generate a 256 bit number (randomly).  That's your key.
Actually, 6^99 = 2^255.9112876 so it's not ezackly 256 bits.

[cypherdoc]

Yes.
By generating a random 256 bit number you are skipping the first step of making a passphrase, and the second step of hashing the passphrase to get a 256 bit number.
I just generated a 256 bit number by going to random.org and telling it to generate a random number in the range of 0 to 65535.  That's 65536 possibilities, which is 16^4 or four hex characters.  So if you do this 16 times, you can get 64 hex characters, which is a private key.  Random.org generates decimal numbers, so you convert 16 numbers from random.org into hex and you get sixteen four-digit hex numbers that you can concatenate for the private key.  Then you can encode it into base58check.  Brainwallet.org will do that for you, but for the paranoid, it can be done at the linux command line.

why isn't the 99 dice roll method better than this?

I had to go look at the bitaddress.org website to see what you're talking about.
I didn't know bitaddress.org had a place where you could input a raw number as a key, and have it do the WIF conversion for you.
Whether you use random.org, dice or cards, it's the same thing.  You generate a 256 bit number (randomly).  That's your key.
Actually, 6^99 = 2^255.9112876 so it's not ezackly 256 bits.

Yep, not ezackly

But I think it's better because it's a physical method not susceptible to a website compromise.

[cypherdoc]

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/

[birr]

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/

Touche'
Looks like both url's go to www.random.org, the difference is whether you use SSL, am I right about that? 

Depending on what you want to use it for, you might want to make sure you get the one that uses SSL.

[cypherdoc]

For instance, why do these 2 urls go to the same apparent website?

https://www.random.org/
http://www.random.org/

Touche'
Looks like both url's go to www.random.org, the difference is whether you use SSL, am I right about that?  

Depending on what you want to use it for, you might want to make sure you get the one that uses SSL.

yes, https is an encrypted tunnel that should be your default whenever possible.

you don't want the NSA accusing you of generating Bitcoin keys now do you?  

plus, i wonder if http://www.random.org/ a monitored site?

[birr]

you don't want the NSA accusing you of generating Bitcoin keys now do you?  

plus, i wonder if http://www.random.org/ a monitored site?

You are so harshing my mellow!
Time to get a VPN?  Or use a live USB with tails, which goes through tor.  But the tor exit node might just be run by the NSA.

[bruter]

pointbiz

SHA1 is compromised and it is possible to make file with the same SHA1 hash like published here in the first page.

Can you change verification algorithm with some more secure, please?

[Newar]

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

[silversurfer1958]

I understand that Devs don't like Brainwallets because they know people are going to resort to the same sort of easy to remember  passwords that they already use.
What's needed is a way of hardening private keys generated by Brainwallets from attack from Rainbow table generation.

I understand that the way brainwallets are created now is   Sha256(Pswd)

Wouldn't a simple way to slow down the creation of rainbow tables be to use Sha256(Bcrypt(Pswd))

It would never protect a truly bad password like 'password123' but would help harden moderately good passwords. from attack.

[spiccioli]

Hi,

I'm trying to create a BIP38 password protected paper wallet on windows XP 32bit using firefox 30 but it never completes the task, opening the web console I see an out of memory exception a few seconds after it starts making them.

See attached image.

http://imgur.com/BNjhW2r

Normal paper wallets are created without problems.

Best regards.

spiccioli

[gadman2]

Is there a way to take this website offline and put it on a thumb drive or a external hard drive. Maybe even a smart phone?

[maxmint]

Is there a way to take this website offline and put it on a thumb drive or a external hard drive. Maybe even a smart phone?

You can just download it from GitHub:
https://github.com/pointbiz/bitaddress.org

[ljpravnik]

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with this line:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
if ("combineinput" == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};

Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) new private key.

[Newar]

Would it be possible (make sense) to let us use our own generated private keys for the split wallet? I.e. a box on that tab to paste a private key?

Of course it makes sense. I was so annoyed because of this feature missing that I decided to start learning javascript. Because I am not a programmer it took me one whole day to figure it out.

Under "splitKey: function" replace the line:
var key = new Bitcoin.ECKey(false)

with this line:
var mykey = document.getElementById("combineinput").value.replace(/^\s+|\s+$/g, "").toString();
if ("combineinput" == "") {var key = new Bitcoin.ECKey(false)} else {var key = new Bitcoin.ECKey(mykey)};

Now you can enter your private key into the box under "Enter Available Shares (whitespace separated)" and press the generate button. If you leave the box empty it will generate (and split) new private key.

Excellent effort! I will give it a go.

Did you submit a pull request?

[pointbiz]

new SSL fingerprint for cert expiring sept 2019
44:29:59:A4:66:44:C7:EC:43:DF:22:AE:1A:B3:9E:E3:64:44:10:F8

[pointbiz]

Hi,

I'm trying to create a BIP38 password protected paper wallet on windows XP 32bit using firefox 30 but it never completes the task, opening the web console I see an out of memory exception a few seconds after it starts making them.

See attached image.

http://imgur.com/BNjhW2r

Normal paper wallets are created without problems.

Best regards.

spiccioli

There are minimum hardware requirements for BIP38 so there won't be any way to fix this.