Author

Topic: Generate an address (Read 3053 times)

legendary
Activity: 3472
Merit: 4801
September 17, 2013, 08:30:41 AM
#42
For next time how do you think I can write my private key in code safely but easy enough to decode by hand?

I wouldn't try to encode/decode by hand.  I'd generate a random 256 bit number, perform an XOR between the random 256 bit number and the bitcoin address, then encode both the random number and the result of the XOR in something like base58.  Next I'd have two different engravers engrave two separate items, each engraving one of the two encoded strings.

To redeem, you'd perform a bitwise XOR between the values represented on the two engraved items, and import the result as a private key.

In reality, this is all more effort and risk than I'd prefer.  I wouldn't use an engraver at all, and would find some other method of long term storage that doesn't require me to reveal my address or encoded private key to another person.  If you've got your mind set on involving untrusted people to assist, then I'd want to introduce a significant amount of unpredictable modification to the value that you are sharing.
legendary
Activity: 1372
Merit: 1000
September 17, 2013, 08:10:53 AM
#41
For next time how do you think I can write my private key in code safely but easy enough to decode by hand?
legendary
Activity: 3472
Merit: 4801
September 17, 2013, 08:08:26 AM
#40
Well there is nothing for them to believe it has anything to do with bitcoins you see. They are a normal engravers. I am going to save 1000 GNP on there you see.  From what you say they would have to suspect bitcoin first then at the same time be a programmer. I feel secure that it's unlikely they are not. Thank you for your reply though

You pays your money and you takes your chances.
legendary
Activity: 1372
Merit: 1000
September 17, 2013, 08:02:14 AM
#39
Well there is nothing for them to believe it has anything to do with bitcoins you see. They are a normal engravers. I am going to save 1000 GNP on there you see.  From what you say they would have to suspect bitcoin first then at the same time be a programmer. I feel secure that it's unlikely they are not. Thank you for your reply though
legendary
Activity: 3472
Merit: 4801
September 17, 2013, 07:56:56 AM
#38
I want to get a coin engraved with my public address and private key. Basically my public address will be shown and the private key will be fully written yet have some characters capitalised/ decapitalised and some numbers that are slightly different.

In total for one full private key generated from bitaddress.org the private key was changed by capitalising 3 letters, decapitalising 2 and changing 1 of the numbers.

So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Thanks

You've posted this question in multiple places. I've already answered it in your other post:

https://bitcointalksearch.org/topic/how-secure-is-this-295898

If the engraver is aware of your obfuscation system, then there is a significant risk (perhaps they are reading this forum right now?)

Even if they aren't aware, there is a bit of a risk that they could decide to run a program that iterates over various combinations of substitution.  I haven't done the math, but you are essentially changing only 9 bits of information in an otherwise known 256 bit number.
legendary
Activity: 1372
Merit: 1000
September 17, 2013, 07:36:08 AM
#37
I want to get a coin engraved with my public address and private key. Basically my public address will be shown and the private key will be fully written yet have some characters capitalised/ decapitalised and some numbers that are slightly different.

In total for one full private key generated from bitaddress.org the private key was changed by capitalising 3 letters, decapitalising 2 and changing 1 of the numbers.

So the engraver will see my public address and my private key with a few changes. Are there any risk of my coins getting stiolen?
Thanks
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
September 14, 2013, 05:03:27 AM
#36
Or to be completely offline, you can flip a coin 256 times to make the private key and have a calculator and pencil and paper to calculate the public key and address. I want to do it one of these days just to show that it's possible.
I was just about to reply with dice when I saw the table-top game dice.

Is there a better source of entropy available to the average person that could be used to mechanically generate a private key?

According to dice ware and other sites, a really good dice would be "casino" grade dice. Those are usually 6 sided dice.

You just have to use an unbiased method to roll the required number of bits needed. Like roll one dice, 1-3 = 0 and 4-6 = 1. But that's too much work and you'd roll 256 times. Better is to roll 2 or 3 or several at a time to get bigger values (not added together, but representing base 6?)

Personally, what I would do is just use those dice results as a seed for a cryptographically secure random number generator. You'd still need to roll the 6 sided dice about 100 times to equal 256 bits.
legendary
Activity: 3472
Merit: 4801
September 13, 2013, 06:38:57 AM
#35
Are dice any more likely to be "fair" than a coin?

It seems that people are far more likely to have a coin handy than 1d20?

Does it really matter here? The address space is 2^160 (mapped from the 2^256 approx private key space). A little bit of bias in the RNG is not going to make very much difference (and a lot of bias would be pretty obvious ... two headed coin anyone?)
- snip -

Sorry. I misunderstood.  I thought you were offering the d20 as a response to the earlier question:

- snip -
Is there a better source of entropy available to the average person that could be used to mechanically generate a private key?
full member
Activity: 196
Merit: 100
September 13, 2013, 02:20:30 AM
#34
Are dice any more likely to be "fair" than a coin?

It seems that people are far more likely to have a coin handy than 1d20?

Does it really matter here? The address space is 2^160 (mapped from the 2^256 approx private key space). A little bit of bias in the RNG is not going to make very much difference (and a lot of bias would be pretty obvious ... two headed coin anyone?)

I got a few d20 somewhere (I'm of that generation...), but you could do it properly with d6. Just roll four times (ignoring values 5 and 6) and treat the results as two bits of the byte . Slightly more efficient than tossing a coin (not much), but you need to be pretty good at binary to hex conversion (though if you're doing the EC by hand too, that's the least of your problems...).
legendary
Activity: 3472
Merit: 4801
September 12, 2013, 06:26:26 PM
#33
Just roll a d20 and ignore everything above 15 (call 20 as zero). Or just use a d16 (a bit more difficult to come by though, never really was adopted in D&D.)

Are dice any more likely to be "fair" than a coin?

It seems that people are far more likely to have a coin handy than 1d20?
legendary
Activity: 3472
Merit: 4801
September 12, 2013, 06:25:39 PM
#32
casting 2 x 8 sided dice will generate a hex number each time, cast it 16 times will generate a private key

VERY BAD IDEA.

The odds of rolling a combination that adds up to 9 (1,8: 2,7: 3,6: 4,5: 5,4: 6,3: 7,2: & 8,1) is FAR greater than the odds of rolling a combination that adds up to 2 (ONLY 1,1).

How exactly will you ever roll a 0 or a 1?
full member
Activity: 196
Merit: 100
September 12, 2013, 05:23:35 PM
#31
Just roll a d20 and ignore everything above 15 (call 20 as zero). Or just use a d16 (a bit more difficult to come by though, never really was adopted in D&D.)
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
September 12, 2013, 04:49:14 PM
#30
casting 2 x 8 sided dice will generate a hex number each time, cast it 16 times will generate a private key




Run your solution 30 times
  • Each time the result is in [2,3,4,13,14,15,16] (7 possibilities), I owe you 1BTC
  • Each time the result is in [6,7,8,9,10,11,12] (7 possibilities), you owe me 1BTC
  • Each time the result is 5, nothing happens

Deal?
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
September 12, 2013, 04:41:56 PM
#29
casting 2 x 8 sided dice will generate a hex number each time, cast it 16 times will generate a private key



legendary
Activity: 3472
Merit: 4801
September 12, 2013, 11:49:46 AM
#28
Good to know.  I was wrong (and was wrong for a very long time).  Learn something new every day.

 Grin

It seems that every time I think I finally understand something about bitcoin, I learn that my understanding was somehow flawed.

Even on this matter, I thought I knew what I was talking about when I told people that a number higher than 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 was invalid.  Now today I discover that it is valid, it just isn't recommended to use it because it ends up essentially being some other number based on the modulo of the value.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
September 12, 2013, 11:43:51 AM
#27
Good to know.  I was wrong (and was wrong for a very long time).  Learn something new every day.
legendary
Activity: 3472
Merit: 4801
September 12, 2013, 11:34:47 AM
#26
The integer p specifying the finite field Fp can be found here:

https://en.bitcoin.it/wiki/Secp256k1

which is really just copied from section 2.7.1 "Recommended Parameters secp256k1" on page 15 of this document:

http://www.secg.org/collateral/sec2_final.pdf

I will verify this and then fix the wiki if I am correct.

The number is found in the wiki here:
https://en.bitcoin.it/wiki/Private_key#Range_of_valid_private_keys

And is frequently stated throughout bitcointalk.org:



https://bitcointalksearch.org/topic/m.1672366
- snip -
Also, SHA256 can create a value invalid as an ECDSA private key, "Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key."

https://bitcointalksearch.org/topic/m.2222704
- snip -
Nearly every 256-bit number is a valid private key. Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key.

The range of valid private keys is governed by the secp256k1 ECDSA standard used by Bitcoin.

https://bitcointalksearch.org/topic/m.1727476
Quote from: dscotese
Does every number with the right number of bits represent a valid private key?  That seems doubtful to me.

I think there is a range. I found it on the wiki: Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key.
- snip -

https://bitcointalksearch.org/topic/m.1715086
- snip -
What is the maximum number of private addresses?

2^96  --  https://bitcointalksearch.org/topic/how-many-possibly-bitcoin-addresses-are-there-exactly-and-how-long-does-it-24268

and "almsot 2^256"   --   https://en.bitcoin.it/wiki/Private_key
- snip -

I assume you mean private keys (not private addresses, there is no such thing).  In that case:

https://en.bitcoin.it/wiki/Private_key

Quote
Nearly every 256-bit number is a valid private key. Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key.

The range of valid private keys is governed by the secp256k1 ECDSA standard used by Bitcoin.

https://bitcointalksearch.org/topic/m.1720529
- snip -
Nearly every 256-bit number is a valid private key. Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key.
- snip -

https://bitcointalksearch.org/topic/m.1662810
- snip -
its because the prime number chosen for secp256k1 is just a little less then 2^256

0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is that prime number in hexadecimal.

https://bitcointalksearch.org/topic/m.3081656
- snip -
If you do it this way, the max address you can use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141

https://bitcointalksearch.org/topic/m.2970259
By the way its not really an upper limit: n+1 is a pretty valid private key, it's just that it's equal to 1 (as n+1 mod n == 1 mod n)
If you generate that way you will end up with keys which are not equiprobable. The difference from uniform is very small, but its a certificational weakness you should avoid.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
September 12, 2013, 11:19:21 AM
#25
A private key is just a 256-bit random number. (Well, a number between 1 and hex value FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.)

Where did you get that God awful number?  The actual value of p for secp256k1 is:

p = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F

I got it from the Private Key page on the Bitcoin wiki. I don't know whether the number is right or wrong, but feel free to update the wiki (perhaps it should have a citation, even?) if the value there is wrong. I apologize for not checking my sources more thoroughly, or at least citing where I was getting my info from.

In any event, it's rather unlikely that a random 256-bit number won't be in the range. If somebody gets heads a ton of times in a row, they may want to double-check the upper bound before using it. (Or, perhaps more likely, check that their coin is fair…)
The integer p specifying the finite field Fp can be found here:

https://en.bitcoin.it/wiki/Secp256k1

which is really just copied from section 2.7.1 "Recommended Parameters secp256k1" on page 15 of this document:

http://www.secg.org/collateral/sec2_final.pdf

I will verify this and then fix the wiki if I am correct.

I just answered to your post in the dev&tech forum
It's n because G^(n+1) = G
By the way a private key above n is valid, it's just that it will equivalent to (private key)%n
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
September 12, 2013, 10:57:17 AM
#24
A private key is just a 256-bit random number. (Well, a number between 1 and hex value FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.)

Where did you get that God awful number?  The actual value of p for secp256k1 is:

p = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F

I got it from the Private Key page on the Bitcoin wiki. I don't know whether the number is right or wrong, but feel free to update the wiki (perhaps it should have a citation, even?) if the value there is wrong. I apologize for not checking my sources more thoroughly, or at least citing where I was getting my info from.

In any event, it's rather unlikely that a random 256-bit number won't be in the range. If somebody gets heads a ton of times in a row, they may want to double-check the upper bound before using it. (Or, perhaps more likely, check that their coin is fair…)
The integer p specifying the finite field Fp can be found here:

https://en.bitcoin.it/wiki/Secp256k1

which is really just copied from section 2.7.1 "Recommended Parameters secp256k1" on page 15 of this document:

http://www.secg.org/collateral/sec2_final.pdf

I will verify this and then fix the wiki if I am correct.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
September 12, 2013, 09:33:37 AM
#23
Running the roulette again of course Grin
legendary
Activity: 3472
Merit: 4801
September 12, 2013, 08:32:24 AM
#22
Is there a better source of entropy available to the average person that could be used to mechanically generate a private key?


For i<52:
  • if 0->31: add the corresponding 5 bits to the private key
  • if 31+: run it again
Remove FOUR random bits

I think I said "available to the average person".

Most of the people that I know have a coin in their pocket or very nearby.  I don't know anybody that owns their own well balanced and maintained roulette wheel.

By the way, how would you choose which 4 bits to remove?
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
September 12, 2013, 08:27:21 AM
#21
Is there a better source of entropy available to the average person that could be used to mechanically generate a private key?


For i<52:
  • if 0->31: add the corresponding 5 bits to the private key
  • if 31+: run it again
Remove FOUR random bits
pc
sr. member
Activity: 253
Merit: 250
September 12, 2013, 07:45:57 AM
#20
A private key is just a 256-bit random number. (Well, a number between 1 and hex value FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.)

Where did you get that God awful number?  The actual value of p for secp256k1 is:

p = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F

I got it from the Private Key page on the Bitcoin wiki. I don't know whether the number is right or wrong, but feel free to update the wiki (perhaps it should have a citation, even?) if the value there is wrong. I apologize for not checking my sources more thoroughly, or at least citing where I was getting my info from.

In any event, it's rather unlikely that a random 256-bit number won't be in the range. If somebody gets heads a ton of times in a row, they may want to double-check the upper bound before using it. (Or, perhaps more likely, check that their coin is fair…)
legendary
Activity: 3472
Merit: 4801
September 12, 2013, 07:38:26 AM
#19
So yes, you could flip a coin 256 times and copy down the results into a 256 bit number and as long as your number is less than the (prime) number p shown above it is a valid private key.
A coin is a really bad source of entropy though.

You're suggesting that a typical coin is not "fair" and will tend to land on one side more often than the other?

I would think there would be enough events adding entropy to the action (flip rotation speed, flip initial height, maximum height, resting height, air flow around the coin, initial side up, axis of rotation, horizontal velocity, etc) that the bias in the coin would have to be pretty significant to have a discernible effect in 256 trials.

Is there a better source of entropy available to the average person that could be used to mechanically generate a private key?
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
September 11, 2013, 08:33:39 PM
#18
So yes, you could flip a coin 256 times and copy down the results into a 256 bit number and as long as your number is less than the (prime) number p shown above it is a valid private key.
A coin is a really bad source of entropy though.

Use 512 coins, and drop them from a height. Unleash a dog/kid into the room to scatter and or lose some coins. Then pick up 256 coins randomly  Grin
I did say "valid", not "good" or "random" or "secure".

Still, flipping a coin 256 times and then directly using the value obtained would be much better than using "stfu!" as your pass phrase to a brain wallet Wink
sr. member
Activity: 336
Merit: 250
September 11, 2013, 07:56:09 PM
#17
So yes, you could flip a coin 256 times and copy down the results into a 256 bit number and as long as your number is less than the (prime) number p shown above it is a valid private key.
A coin is a really bad source of entropy though.

Use 512 coins, and drop them from a height. Unleash a dog/kid into the room to scatter and or lose some coins. Then pick up 256 coins randomly  Grin
legendary
Activity: 2058
Merit: 1452
September 11, 2013, 07:04:57 PM
#16
So yes, you could flip a coin 256 times and copy down the results into a 256 bit number and as long as your number is less than the (prime) number p shown above it is a valid private key.
A coin is a really bad source of entropy though.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
September 11, 2013, 05:36:20 PM
#15
A private key is just a 256-bit random number. (Well, a number between 1 and hex value FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.)

Where did you get that God awful number?  The actual value of p for secp256k1 is:

p = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F

   = 2256 - 232 - 29 - 28 - 27 -26 - 24 - 1

Oh, I see, that is the order n of G.  You just copied the wrong number.

So yes, you could flip a coin 256 times and copy down the results into a 256 bit number and as long as your number is less than the (prime) number p shown above it is a valid private key.
legendary
Activity: 3682
Merit: 1580
September 11, 2013, 05:23:41 PM
#14
I managed to use VMware free trial to run ubuntu withough having to boot from a usb. Then erased application and wiped my free space.
Will I be safe?

Running linux in a VM is pointless if your are worried about the safety of your host system. If someone has access to your host system they have access to everything you are running on it including VMs. You should boot from a live USB or DVD.
legendary
Activity: 1372
Merit: 1000
September 11, 2013, 06:39:52 AM
#13
lol thanks
full member
Activity: 196
Merit: 100
September 11, 2013, 06:28:45 AM
#12
I managed to use VMware free trial to run ubuntu withough having to boot from a usb. Then erased application and wiped my free space.
Will I be safe?

If you ran it as a live-CD (no disk image) you should be fine, otherwise you need to secure-delete the disk image (use sdelete from SysInternals ... EDIT OOPS that's Microsoft, mac must have an equivalent utility).

There may be some residual data in your pagefile, so probably best to reboot your mac too (not hibernate as this just makes it worse).

[/paranoia_mode]
legendary
Activity: 1372
Merit: 1000
September 11, 2013, 05:46:03 AM
#11
I managed to use VMware free trial to run ubuntu withough having to boot from a usb. Then erased application and wiped my free space.
Will I be safe?
full member
Activity: 196
Merit: 100
September 11, 2013, 02:27:37 AM
#10
I did say one could use "a calculator". Presumably, one could balance it being fancy enough to be able to handle EC math, while not being fancy enough that one had to worry about it storing ones key for a long time or getting compromised in some fashion.

The EC algorithm is actually fairly simple (see JackJack's pywallet for an implementation), but relies on bigints (arbitary percision integers) which may or may not be available on a stand-alone "calculator". As has been said elsewhere, this is an ideal application for a raspberry pi. You don't even need to connect it to the internet. Just download bitaddress.org from the github, transfer it to the pi via a memory stick (or load it onto the boot partition of the OS SD card) and you're good to go. Attach a printer, and your key has never been exposed to the outside world. You should reflash the SD card afterwards, to be sure nothing remains that can be exposed later, destroy it if you're paranoid, and the printer too, you never know what's stored inside the modern ones, but an ancient text-only line printer should be safe  Cool
pc
sr. member
Activity: 253
Merit: 250
September 10, 2013, 01:32:04 PM
#9
Or to be completely offline, you can flip a coin 256 times to make the private key and have a calculator and pencil and paper to calculate the public key and address. I want to do it one of these days just to show that it's possible.
Calculating the public key would require a crazy amount of motivation
Calculating the address is impossible

https://bitcointalksearch.org/topic/bitcoin-wallet-generation-by-hand-286534

Heh, I hadn't realized it was a recent topic on the forum.
I did say one could use "a calculator". Presumably, one could balance it being fancy enough to be able to handle EC math, while not being fancy enough that one had to worry about it storing ones key for a long time or getting compromised in some fashion.
And one would probably be more willing to enter one's public key on a "real" computer to hash to generate the address, though you'd probably want to use multiple systems to make extra sure that the address one generated actually corresponded to the public key. The network allows payments straight to public keys instead of addresses just fine, though I don't know of any wallet software that makes doing so simple.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
September 10, 2013, 01:21:38 PM
#8
Or to be completely offline, you can flip a coin 256 times to make the private key and have a calculator and pencil and paper to calculate the public key and address. I want to do it one of these days just to show that it's possible.
Calculating the public key would require a crazy amount of motivation
Calculating the address is impossible

https://bitcointalksearch.org/topic/bitcoin-wallet-generation-by-hand-286534
pc
sr. member
Activity: 253
Merit: 250
September 10, 2013, 12:49:05 PM
#7
Wow doing it with a coin is fascinating! Can you post a guide on this? It will give everyone a greater understanding of bitcoins too! Wow that really is intriguing Smiley

A private key is just a 256-bit random number. (Well, a number between 1 and hex value FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.) All your computer does to make a new address is pick a new random number, and then do some math that calculates the public key from that number. There isn't any magic to it; it's just math. So, any way that randomly picks 256 bits will work. Computers tend to use fancy cryptographic libraries that find good sources of randomness from the information available to a computer, since they tend to be poor at flipping literal coins.

My comment was a probably-too-long offhand remark that you need some technology that you trust to keep your private key private. Sometimes simple technology is best, since you can see how it works and if it's sending your data elsewhere easily. But even if you were to literally flip coins, you'd want to make sure there wasn't a camera or somebody watching you that would compromise your random number generation. Really it's an analogy for what you need your key generating computer to be doing: picking good-quality random numbers that nobody else can end up knowing.
legendary
Activity: 1372
Merit: 1000
September 10, 2013, 12:02:02 PM
#6
Wow doing it with a coin is fascinating! Can you post a guide on this? It will give everyone a greater understanding of bitcoins too! Wow that really is intriguing Smiley
pc
sr. member
Activity: 253
Merit: 250
September 10, 2013, 08:22:52 AM
#5
Well, you seem to want hardware you can trust, but say that you don't trust any of your hardware. So, you need to get your hardware into a state where you trust it, or you need to acquire new hardware that you do trust. Something like a Raspberry Pi may be great for this sort of thing, though on "embedded" kinds of devices you want to make sure that your random number generator has enough entropy to work with.

Or to be completely offline, you can flip a coin 256 times to make the private key and have a calculator and pencil and paper to calculate the public key and address. I want to do it one of these days just to show that it's possible.
hero member
Activity: 728
Merit: 500
September 10, 2013, 06:49:43 AM
#4
Rannesha I would have to wipe my os on my mac then right? Maybe I could do this with my pi

You don't need to wipe your Mac. Linux USB installations allow you to boot and run the full operating system from a USB stick. The harddisk with your Mac installation on it isn't touched (and any malware on it isn't started). Once you're done, restart the machine, remove the USB stick and it'll boot right back to your regular OS.

Of course, using a RPi works just as well.
legendary
Activity: 1372
Merit: 1000
September 10, 2013, 05:46:57 AM
#3
Rannesha I would have to wipe my os on my mac then right? Maybe I could do this with my pi
hero member
Activity: 728
Merit: 500
September 10, 2013, 05:23:51 AM
#2
Hi Basically I would like to open my own savings wallets without worrying about it.  These will be cold storage with the private key written in code that only myself or family know.
I only have a mac laptop that I have used for many many things that I could not trust 100% in order to generate an address on. Without actually buying a new laptop and using an off line www.bitaddress.org to generate an address please can someone tell me the most secure way of generating an address and private key for cold storage please?

Create a bootable Linux USB stick, use that to boot your laptop, open bitaddress.org, disconnect from the internet, generate the address and write it down / print it in whatever way you want.
legendary
Activity: 1372
Merit: 1000
September 10, 2013, 05:07:19 AM
#1
Hi Basically I would like to open my own savings wallets without worrying about it.  These will be cold storage with the private key written in code that only myself or family know.
I only have a mac laptop that I have used for many many things that I could not trust 100% in order to generate an address on. Without actually buying a new laptop and using an off line www.bitaddress.org to generate an address please can someone tell me the most secure way of generating an address and private key for cold storage please?
Jump to: