mircea_popescu: random is a scam.
Indeed, you should need no more convincing on the matter of randomness. MP said so, and he has a way of calling the shotsi.
Since random is a scam, Random Number Generators (RNGs) are most definitely not random and therefore quite undeserving of our trust.ii. This being so, we have two choices: (1) we can pout and wave our futile little fists at the sky, or (2) we can generate some good ol’ fashioned entropy.
Entropy, for those who’ve forgotten their klassroom fisiks, is the degree of disorder in a system. We should be most familiar with this concept from the Second Law of Thermodynamics, which states that the world acts spontaneously to minimize potentialsiii or, equivalently, maximize entropy. In information theory, entropy is measured in bits, where one bit of entropy is equivalent to the uncertainty of a single coin flip, two bits is two flips, and so on.
So why does entropy matter to Bitcoin? Because entropy is all about collisions and therefore the likelihood of brute-forcing an input based on the output. As such, entropy is the core of private key security.
For many users, a strong password and a USB back-up are the only tools implemented in wallet security. With a desktop clientiv, a web-based walletv, or bitaddress.org’s paper walletsvi, we’re trusting someone else’s interpretation of “adequate entropy”. As much as Bitcoiners loooove trusting, let’s not and say we did.
Generating secure and highly entropic private keys is of the utmost importance, and it’s easy enough to do on our own. Here are the steps:
1. Visit bitaddress.org
2. Save the page as an HTML file to a USB key.
3. Safely remove the USB and plug it into an offline computer running a clean OS.
4. Open the HTML file and click on “Brain Wallet”vii.
5. Since your own vocabulary is inadequateviii, derive an 10-word (minimum) passphrase using five (5) dice and this 7776-word English dicelist, this Romanian dicelist, or one of these other non-English language dicelists.
6. Click “View”, then print 2 copies.
7. Clear the browsing history, safely eject the USB drive, and restart the computer.
Voila! You now have a high-entropy private key on a paper wallet (aka cold storage)!
You should keep each copy of the paper wallet in a different location, and even cut each piece in half and store them separately so that the compromising of one location doesn’t compromise your savings. Laminating each piece will also protect from age-related fading and moisture damage.
That’s it! You’re now your own bank.
Welcome to Bitcoin.
___ ___ ___
- See Bitcoin as a currency, Mt. Gox, Bitcoin Foundation, and as the King of Siam would say: “etsetera, etsetera, etsetera”. [↩]
- RNGs, then, are as intentionally gibbled as the rest of our our digital security. [↩]
- This sounds suspiciously like the present state of affairs in the modern welfare state, where the masses distribute and diffuse the achievements of the productive few. [↩]
- Like Bitcoin-qt or MultiBit [↩]
- I personally find blockchain.info to be quite well designed [↩]
- This function uses SHA256 to hash your passphrase. One sincerely hopes. [↩]
- You don’t want to end up like this chump, do you? [↩]