Passwords & Dices - Tutorial to Create Secure Passwords

in #security · 7 years ago (edited)

[image: dice-161377_1280.png]

You know you can't really trust your hardware RNG, given that more and more people are claiming that major processors could be backdoored:

This many people can't be wrong. So people who have, like, $1,000,000 worth of Steemit accounts or other altcoins: I don't think they should put their faith in their computers to generate secure passwords and keys for them.

Now, Linux machines usually gather entropy from multiple sources, not just the processor. The /dev/random device mixes in noise from network traffic, processor cache, mouse or keyboard input, and even thermal fluctuations.

However, it's not like those can't be hacked either, and if the processor has this kind of backdoor in it, it can just bypass all of that and feed you crap entropy.

There are good tutorials here on how to generate keys with dice:

In this tutorial I will talk about the dice side of it. @creatr and others have already put out good tutorials on how to generate keys with dice, but nobody has talked about the mathematical side of it, or how to tell a good die from a bad one. It's important because we need to measure the entropy.


1) Buying Dice

Believe it or not, you actually don't need ultra-high-quality casino dice; in fact you should stay away from those, because they are very expensive and not that much better than cheap dice.

Why the fuck would you give $100 for 2 dice? Just go into a pawn shop or a small local market and you can find a bunch of them for pennies.

I bought 50 cheap dice from an old lady yesterday; it cost 3€ in total. Of course some of them were deformed, I threw those out, so about 33 of them were in good shape.

The dice should be made of plastic, because wooden dice degrade quickly; small dice are also better because they are more robust and last longer. And the dice should be six-sided, just to make the calculations below easier.


2) Testing the Dice

I started testing with the deformed ones that had obvious defects, like one corner smoother than the others, or a small plastic blob hanging off a side where it was molded incorrectly. Yep, cheap dice are like that, but don't worry, it's not as bad as it looks.

There are 2 methods to test a die: measuring entropy and measuring autocorrelation.


  • STEP 1: Throw the die 200-300 times on a flat surface and record all the numbers, in the order you threw them, in a spreadsheet column.


  • STEP 2: Measure Autocorrelation

The closer to 0 it is, the better. An autocorrelation of 0 is what a perfectly random sequence gives. You can either calculate it manually with the following formula (suppose you have the data in column A and it has 300 rows):

[formula image 1.png: lag-1 autocorrelation of column A]

This is for lag 1; you should test it for lags up to ∛n (the cube root of the sample size), which in our case is 7.

Perfectly random data should have values as close to 0 as possible at every lag from 1 to 7. It probably won't be exactly like that, but the +/- values should stay as close to the 0 line as possible.

Or you can just put the data into statistical software like MATLAB or Mathematica and let it do it for you.


  • STEP 3: Measure Entropy

A die has 6 sides with 6 possible outputs, 1-6. You have to count how many times each number occurred. With a sample size of 300 as above, each number should occur 50 times, but it probably won't, because our sample size is not that big and the die is not perfect either.

A theoretical perfect die has an entropy of 2.5849625007 bits (log2 of 6).

The formula for Shannon entropy in the case of a six-sided die is:

H = - Σ (i = 1..6) p_i · log2(p_i), where p_i is the fraction of rolls that showed face i.

So what does this mean? Let's take an example. Suppose you have the following roll counts for each number:
I = 46
II = 57
III = 39
IV = 60
V = 29
VI = 69

In total that's 300 rolls, with each number appearing this many times. Ideally every number would appear 50 times, but our imperfect die gave these counts. To calculate the entropy, you take each number's count as a fraction of the total and insert it into the formula:

Pbaddice = - [ (46/300 · log2(46/300)) + (57/300 · log2(57/300)) + (39/300 · log2(39/300)) + (60/300 · log2(60/300)) + (29/300 · log2(29/300)) + (69/300 · log2(69/300)) ] = 2.530577559

Now comparing this to the perfect die:

PERFECTNESS = 2.530577559/2.5849625007 = 97.8961%

I have also tested my deformed dice; it turns out that even my deformed die with eroded sides and blobs hanging off it has ~89% perfectness.

You might also want to calculate 4 standard deviations from the measured entropy; in my experience it's usually a 50% error. 4 standard deviations in a uniform distribution cover a 99.9999959218% confidence interval. You might even do a Z-test on the distribution to find the exact 4-sigma value, but usually 4 deviations are fairly safe to use.

In my case 4 sigma usually gave a 50% error, so a very crappy die with 2.3 bits of entropy will, in the worst case, give 1.15 bits of entropy.

So even if we are very unlucky (0.000004078%), our shitty die will still give us 1.15 bits of entropy per roll; otherwise it will give us more.


  • STEP 4: Creating the Password or the Private Key

Now that we have measured the entropy of the die and taken a 4 sigma deviation from it as the worst case, we know that even my shitty die gives 1.15 bits of entropy per roll as a minimum.

Therefore, if we need a 256-bit Bitcoin private key for example, we need to roll 223 times (256 / 1.15, rounded up). Obviously I hope your dice will be of better quality, but even with a shitty die it is possible to get a very high-entropy password.

So I have 33 decent dice, which means I can just roll them all at once 7 times. But of course shake them inside a bottle or a cup before rolling, so that the rolls are not correlated by the dice's physical proximity; shaking them for 30-40 seconds before rolling is a good idea.

Then you can use Diceware or any other technique to generate the private key from that entropy, as pointed out here:
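Here is an added Python example (my own code, not from the post) that carries the post's checks through end to end: the autocorrelation at lags 1..∛n, the Shannon entropy and perfectness ratio for the roll counts in the example above, and the number of rolls needed for a 256-bit key once the per-roll entropy is halved for the worst case. The function names and the constructed roll sequence are my own.

```python
import math

# Roll counts taken from the post's worked example: 300 rolls of one die.
EXAMPLE_COUNTS = {1: 46, 2: 57, 3: 39, 4: 60, 5: 29, 6: 69}

# Entropy of an ideal six-sided die: log2(6) = 2.5849625007 bits per roll.
PERFECT_ENTROPY = math.log2(6)


def shannon_entropy(counts):
    """Shannon entropy (bits per roll) of the empirical face distribution."""
    total = sum(counts.values())
    # Faces that never came up contribute 0, and log2(0) must be avoided.
    return -sum((c / total) * math.log2(c / total) for c in counts.values() if c)


def perfectness(counts):
    """Measured entropy as a fraction of the ideal log2(6) (0.9790 for the example)."""
    return shannon_entropy(counts) / PERFECT_ENTROPY


def autocorrelation(series, lag):
    """Sample autocorrelation of the roll sequence at one lag; 0 means no linear dependence."""
    n = len(series)
    mean = sum(series) / n
    var = sum((x - mean) ** 2 for x in series)
    cov = sum((series[i] - mean) * (series[i + lag] - mean) for i in range(n - lag))
    return cov / var if var else 0.0


def autocorrelation_profile(series):
    """Autocorrelation at every lag from 1 up to the cube root of the sample size (7 for 300 rolls)."""
    max_lag = math.ceil(len(series) ** (1 / 3))
    return {lag: autocorrelation(series, lag) for lag in range(1, max_lag + 1)}


def rolls_needed(target_bits, entropy_per_roll, safety_factor=0.5):
    """Rolls required after cutting the measured entropy by the post's worst-case factor (50%)."""
    return math.ceil(target_bits / (entropy_per_roll * safety_factor))


if __name__ == "__main__":
    # Constructed sequence that a badly biased die might produce: it alternates
    # faces, so lag 1 is strongly negative and lag 2 strongly positive.
    alternating = [1, 2] * 150
    print("entropy:", shannon_entropy(EXAMPLE_COUNTS))
    print("perfectness:", perfectness(EXAMPLE_COUNTS))
    print("autocorrelation:", autocorrelation_profile(alternating))
    print("rolls for 256 bits at 2.3 bits/roll:", rolls_needed(256, 2.3))
```

Feed `autocorrelation_profile` the roll column from STEP 1 to get the same lag-1..7 values the spreadsheet formula would produce.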


Sources:
https://pixabay.com



Does anyone have any questions?
