Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: How to create an N bit ECDSA compatible private key from dice rolls in python
by
bitsec731
on 23/01/2017, 07:01:27 UTC
Quote from: ArcCsch on January 23, 2017, 05:51:40 AM

The lesson:
Private keys are called private keys for a reason, and hackers are willing to go through a lot of work to get them.

I may not be an expert on cryptography but I am an expert in computer security.

Quote from: DannyHamilton on January 23, 2017, 06:09:31 AM
Quote from: bitsec731 on January 23, 2017, 05:22:31 AM
Alright but is there a way to actually quantify the amount of entropy an image has, to just make sure it's safe?

Because at least a dice roll can be quantified, because even a slightly deformed dice has 90% entropy, thats 2.3264662506 bits.

So any casino quality dice should be much better than that.

Well, if you take a picture of the 62 dice (and the photo has enough detail and clarity to make out the values of all the dice) then the photo would have to have more entropy than the the dice rolls themselves.  Each die value contributes its entropy to the photo, but additionally the exact orientations and exact positions of the dice relative to each other within the photo are random as well which increases the entropy.  Furthermore, the background behind whatever you roll the dice on is likely to have some variations to its color and brightness which contributes additional entropy.

I partially disagree, because I don't think they are the same language.

The values of the dice, is just raw information, which can be let's say  "61235" after roll with 5 dices, which in it's basic binary form is:
110110 110001 110010 110011 110101

I highly doubt this sequence of information must inside the binary form of the picture of the dice, because it's not the same language. It may be inside it, but that is only due to coincidence, but it doesnt necessarly have to be.

We just interpreted the output of the dice as being 6 but the computer only sees the pixel values of the dice, but not the "6" itself.

So humans and computers think in different language, and that is why the picture itself is only as good randomness, as random the pixels are inside it, but have probably nothing to do with the informational content that it carries for humans.


Now maybe the picture has a higher entropy value than the roll information itself, but that is another issue.