[GTALUG] Dice Keys
David Mason
dmason at ryerson.ca
Fri Aug 28 15:35:16 EDT 2020
A riff off: https://en.wikipedia.org/wiki/Diceware
../Dave
On Aug 28, 2020, 11:15 AM -0400, Christopher Browne via talk <talk at gtalug.org>, wrote:
> Here's a cool thing I saw recently...
>
> https://www.schneier.com/blog/archives/2020/08/dicekeys.html
>
> The intention of this parallels the various Bitcoin "Solid Steel Passphrase Wallet" items that were popular a year or so ago
> (See https://www.toughgadget.com/bitcoin-crypto-metal-recovery-seed-wallets/, https://www.buybitcoinworldwide.com/wallets/steel/ )
>
> It's a case for a set of 25 dice that looks like a Boggle game set; it will generate and "record" what ought to be a Sooper Seekrut key as would be used for things like:
> - master key for password manager
> - U2F key for 2 Factor Authentication
> - Secret key for cryptocurrency wallet
>
> By being a set of dice with a nice plastic box to hold them securely, this is not vulnerable to various threats common to electronic devices:
> - EMP (for those highly worried about nuclear devices)
> - Water damage
>
> Of course, if all your disk drives get toasted, there might not be any data left to decrypt or systems to connect to. And plastic will melt away or burn when exposed to fire...
>
> But it's pretty cool, I'm tempted to grab a set.
>
> There's a web app: https://dicekeys.app/
>
> It appears that this application, embedded in a single JavaScript file, runs locally, inside your browser, so that usual criticisms about it being a giant security vulnerability of sharing your key with their web site seems like it mightn't apply. How to confirm in an authoritative way that nothing is *actually* shared seems like the fun security question.
> --
> When confronted by a difficult problem, solve it by reducing it to the
> question, "How would the Lone Ranger handle this?"
> ---
> Post to this mailing list talk at gtalug.org
> Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20200828/588d7ad1/attachment.html>
More information about the talk
mailing list