benjarobbi / bitcoin-wallet.github.io

Automatically exported from code.google.com/p/bitcoin-wallet

Consider using the camera as an additional entropy source #219

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
The OS is supposed to provide secure random numbers. However as we all learned 
the hard way, sometimes it can fail in this task.

Bitcoin Wallet already asks for access to the camera so it can directly scan QR 
codes. When a wallet is first created, it could ask the user to take a picture 
(of anything, it doesn't matter what) and then write that image into 
/dev/urandom to act as an additional entropy source.

The basic code for the PRNG in /dev/urandom is very unlikely to get broken on 
any platform as it's basic, self-contained and simple. There's no need to 
modify it. However it *is* possible that some phones do a bad job of providing 
entropy from hardware sensors. HW drivers are supposed to do this but given the 
tight deadlines and pressure phone OEMs work under, it wouldn't surprise me if 
some phones don't gather as much entropy as they could, and this step would 
help such hypothetical devices out a bit.

Of course the downside is, it complicates first-time usage. Also, it works best 
when the app doesn't need much randomness - for instance after we switch to 
deterministic wallets and signatures.

Original issue reported on code.google.com by hearn@google.com on 2 Sep 2013 at 9:57
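
A sketch of the step proposed above, added as an example and not taken from the Bitcoin Wallet code base: write a captured frame into /dev/urandom, then draw the wallet seed from the OS generator. The class name, method names and sample frame are hypothetical, and it assumes /dev/urandom is writable by the app and that the platform's SecureRandom draws on the kernel pool.

```java
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.SecureRandom;

public class CameraEntropyMixer {
    // Device named in the issue. Typically world-writable on Linux (assumption for the target phone).
    static final String POOL = "/dev/urandom";

    /**
     * Mixes the frame bytes into the kernel pool. A plain write() updates the pool
     * but does not raise the kernel's entropy estimate, so a predictable or heavily
     * filtered image cannot make later output worse; it just adds little.
     * Returns false instead of throwing so wallet creation never depends on this step.
     */
    static boolean mixIntoPool(byte[] frame) {
        if (frame == null || frame.length == 0) {
            return false;
        }
        try (OutputStream out = new FileOutputStream(POOL)) {
            out.write(frame);
            return true;
        } catch (IOException | SecurityException e) {
            return false; // fall back to whatever the OS already collected
        }
    }

    /** Mixes the frame in first, then takes 32 bytes from the OS generator. */
    static byte[] newSeed(byte[] frame) {
        boolean mixed = mixIntoPool(frame);
        System.out.println("camera frame mixed into pool: " + mixed);
        byte[] seed = new byte[32];
        // No setSeed() call here: the frame reaches the generator only through the kernel pool.
        new SecureRandom().nextBytes(seed);
        return seed;
    }

    public static void main(String[] args) {
        // Constructed stand-in for a captured image; a real app would pass the camera buffer.
        byte[] frame = new byte[640 * 480];
        for (int i = 0; i < frame.length; i++) {
            frame[i] = (byte) ((i * 31) ^ (i >>> 8));
        }
        byte[] seed = newSeed(frame);
        System.out.println("seed bytes generated: " + seed.length);
    }
}
```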

GoogleCodeExporter commented 9 years ago
I'm not sure if the camera is a good source of randomness. The raw sensor data 
would perhaps, but we can only get hold of post-processed data that ran through 
a lot of filters.

The app currently cannot deal with no key being available in the wallet - that 
would need quite some effort to change. It would be much easier gathering that 
entropy just before additional keys are added (or transactions signed). But 
then it will be too late for most people (using only one address or one 
deterministic seed).

Original comment by andreas....@gmail.com on 2 Sep 2013 at 10:29

GoogleCodeExporter commented 9 years ago
Yeah. The app might need to change so it can do some initial setup activities 
before the main activity starts.

Original comment by hearn@google.com on 2 Sep 2013 at 10:53

GoogleCodeExporter commented 9 years ago
I think entropy collection from sensors is best done by the OS (and as far as 
I know, Android does this already).

Original comment by andreas....@gmail.com on 16 Nov 2014 at 6:49