Mycelium Entropy update | Bitcointalksearch.org

dsattler

legendary

Activity: 924

Merit: 1000

If someone wants to verify the 2-of-3 private key shares that entropy prints, here's a way to do it:

Download the sss python code from here:
https://github.com/cetuscetus/btctool/blob/bip/bip-xxxx.mediawiki
Download the bitcoin address utility (windows exe or source) from here:
https://casascius.wordpress.com/2013/01/26/bitcoin-address-utility/
NOW IT'S A GOOD TIME TO GO OFFLINE, BECAUSE THE NEXT STEPS COULD OTHERWISE COMPROMISE YOUR PRIVATE KEY!!!
Edit the test() function in bip-sss.py like this:
Quote
def test():
gf = GF(0x11d)

share1, dec_m1, dec_id1, dec_type1 = decode("SSS-")
share2, dec_m2, dec_id2, dec_type2 = decode("SSS-")
share3, dec_m3, dec_id3, dec_type3 = decode("SSS-")

shares = [ share1, share2, share3 ]

combined = combine(gf, shares)
secret = make_secret(CTB_BASE58, length = 32, data = combined[1:33], is_private_key = True, compressed = True)

#sss_test(gf, 1, 1)
#sss_test(gf, 2, 1)
#sss_test(gf, 1, 2)
#sss_test(gf, random.randint(1, 64), random.randint(1, 255))
#sss_test(gf, random.randint(1, 64), random.randint(1, 255))
#sss_test(gf, random.randint(1, 64), random.randint(1, 255))

#enc_dec_test(gf, 20)
Put the three shares ("SSS-...") from your entropy printout into the script!
Go to the end of bip-sss.py, uncomment test() and comment gen_vectors():
Quote
test()
#gen_vectors()
Run the script, it will output your private key in WIF format (or an error if something's wrong with your shares).
I'm using ubuntu in a VirtualBox on windows for that.
If you're not familiar with python scripts (like myself ) it's better to run it once without any modifications (it prints out some tests), to see if everything is in place and working OK.
Run the bitcoin address utility, navigate to menu tools/utility and enter your private key (from the python script) into the field labeled "Private Key (WIF)".
Click on the second button under the input field (with two triangles pointing down).
Your BTC address is shown in the last field, compare it with the printout.
Should be exactly the same if everything went OK!

I hope that this description is somehow useful. Don't hesitate to ask me if something's unclear.

For total security I recommend to do this procedure on a disconnected PC which never touches the internet.
If you do this on a PC which is infected with malware (trojans, keyloggers, etc.), your private key could get stolen and your BTC will be lost!

trasla

hero member

Activity: 707

Merit: 500

Quote from: ZorroPai on May 27, 2015, 06:36:57 AM

Hi,
I am living in Vienna and would like to buy an Entropy-Device cash.

Can I come to you tomorrow?

Thank you,
Zorro

Hey, sorry for the late answer.
We still have a couple open to ship, which I send out as I get them from the hardware department - so no spare ones to sell, currently.
I could maybe borrow you mine, if you just want to make a couple of paper wallets, though.
Shoot me a PM if you would like to!

ZorroPai

full member

Activity: 233

Merit: 100

Hi,
I am living in Vienna and would like to buy an Entropy-Device cash.

Can I come to you tomorrow?

Thank you,
Zorro

Rassah

legendary

Activity: 1680

Merit: 1035

FYI, the first batch of 800 devices sold out around August. So anyone ordering in September onwards had to wait. Yes, the remaining 200 were received recently, and are being packaged and prepared for shipping now.

cetus

newbie

Activity: 22

Merit: 0

Quote from: cisary on April 21, 2015, 05:48:08 AM

I'm waiting for mine too.. Is there a way to modify the firmware so that I can use Entropy as HW random number generator?

Yes, but there is a nuance.

The main hardware entropy source (SRAM) works only once when you power it up. If you want to generate a continuous stream, you have to use the built-in TRNG (probably safe, as it's not from Intel) and ADC measurements of a floating input. There is a new appendix in the user manual about it: https://mycelium.com/assets/entropy/me.html#_appendix_b_how_it_works .

You can power SRAM off in hibernate mode, but it takes about 30 seconds for each sampling of about 6 kbits of entropy. SRAM discharge is slower in hibernate mode than when the device is unplugged.

Personally, I doubt there is any chance at all that Atmel's built-in hardware RNG is compromised. And you can still use the one-off salt from SRAM to thwart any hardware attacks on the built-in TRNG module.

cisary

member

Activity: 79

Merit: 10

Quote from: bitkilo on April 21, 2015, 05:53:50 AM

Quote from: cisary on April 21, 2015, 05:48:08 AM

I'm waiting for mine too.. Is there a way to modify the firmware so that I can use Entropy as HW random number generator? I want to print bunch of wallets and then I plan to experiment with code.. open source FTW!

When did you order?

In the beginning of March shortly before there was "first batch sold out.." announcement

cetus

newbie

Activity: 22

Merit: 0

I heard the last batch had just arrived at Mycelium office in Vienna for flashing and final assembly.

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

Quote from: cisary on April 21, 2015, 05:48:08 AM

I'm waiting for mine too.. Is there a way to modify the firmware so that I can use Entropy as HW random number generator? I want to print bunch of wallets and then I plan to experiment with code.. open source FTW!

When did you order?

cisary

member

Activity: 79

Merit: 10

I'm waiting for mine too.. Is there a way to modify the firmware so that I can use Entropy as HW random number generator? I want to print bunch of wallets and then I plan to experiment with code.. open source FTW!

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

Still haven't seen mine yet, i ordered late from the indiegogo campaign site, about early Jan, any help on how i can track it down?
Has the last batch of 200 been released yet?

dsattler

legendary

Activity: 924

Merit: 1000

I've written a small tool to verify the salt:

I could share it with the source (c#) if anyone is interested in this. You can run it on windows or linux (using mono).

Quote

Salt
This is an advanced feature for security experts.
If you do not trust your Mycelium Entropy device and believe it may be backdoored, then this feature, sometimes also referred to as Diceware, is for you. It lets you add your own entropy (salt) to the mix so that:

even though the salt is entered on your computer into settings.txt in a generally insecure way, its leakage does not compromise your key;

if the device’s RNG is rigged in an undetectable way, your key is still secure because of the salt;

the algorithm’s implementation is easily verified.

The current implementation is fairly simple and is called Type-1 salt. A more advanced algorithm has been proposed but has not been implemented yet.

Salt is a string of up to 32 bytes, which is entered in hexadecimal after the salt1 keyword in settings.txt.

Entropy is a 32-byte random number generated by Mycelium Entropy.

Key = SHA-256 ( Salt || Entropy ).

In the HD case, the first 128 bits of Key are used to construct the BIP-39 mnemonic.

Entropy is printed alongside the private/public key pair for your verification.

Source: https://mycelium.com/assets/entropy/me.html

yxt

legendary

Activity: 3528

Merit: 1116

We still have a few in stock

http://asicminer-shop.de/Mycelium-Entropy_1

inBitweTrust

hero member

Activity: 658

Merit: 501

I received mine.

https://mycelium.com/assets/entropy/me.html

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

Ahh, more people receiving there's, where is mine???

Looks great, cant wait for mine to arrive in the mail, I'm sure i will get it soon.
Thanks for the pic.

hephaist0s

hero member

Activity: 711

Merit: 532

Entropy device received! And it works great:

More pictures and words here. Thanks for the great work, guys!

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

New Update!
http://www.reddit.com/r/Bitcoin/comments/2xp6ss/mycelium_entropy_update_for_monday_march_2nd/

trasla

hero member

Activity: 707

Merit: 500

Quote from: bitkilo on February 17, 2015, 03:49:48 AM

Quote from: trasla on February 17, 2015, 03:40:29 AM

It was posted to the indiegogo campaign page as well, so if you contributed you should have gotten an email with this text, as far as I know.

Nope no email received but this could be due to the fact that i purchase mine after the funding campaign ended, i think it was about the start of November i ordered, receipt is at work so i can check and update this post tomorrow.

If you did after the campaign ended, then only bitpay has your mail, indiegogo probably not, and you could not get an automated notification from them.
Anyway, I am here and post reddit links, so everything is fine

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

Quote from: trasla on February 17, 2015, 03:40:29 AM

It was posted to the indiegogo campaign page as well, so if you contributed you should have gotten an email with this text, as far as I know.

Nope no email received but this could be due to the fact that i purchase mine after the funding campaign ended, i think it was about the start of November i ordered, receipt is at work so i can check and update this post tomorrow.

Update: The invoice i have doesn't have an order date just 01/01/2015 but i know i didn't order it on new years day.

trasla

hero member

Activity: 707

Merit: 500

It was posted to the indiegogo campaign page as well, so if you contributed you should have gotten an email with this text, as far as I know.

bitkilo

legendary

Activity: 1638

Merit: 1010

https://www.bitcoin.com/

Quote from: trasla on February 17, 2015, 02:54:14 AM

http://www.reddit.com/r/Bitcoin/comments/2w4991/mycelium_entropy_update_for_feb_16_2015/

Just what i wanted, a million thank you's trasla.
I don't follow reddit much so thanks for bringing this to my attion and the btc forum.

Topic: Mycelium Entropy update (Read 8987 times)