Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Make a Bitcoin Address With a TI-89 Calculator

Posted by timothy on from the next-week-how-to-make-a-castle-out-of-toothpicks dept.

sarahnaomi writes: The power of Bitcoin is giving your dusty old TI-89 calculator a second chance of being useful. Matt Whitlock, who helped make one of the world's first Bitcoin ATMs, is at it again. In a video posted on to Vimeo, he showed how using the calculator once only used for high school geometry and a 12-sided die makes a secure address for your Bitcoin account. The video self-explanatory. Load up your calculator with the code, roll it 72 times and enter the number rolled into it. After that, the calculator pumps out a private key and address.

56 comments

  1. Are you retarded? by rebelwarlock · · Score: 3, Insightful

    I'm not rolling a die 72 times and manually entering each result.

    1. Re:Are you retarded? by gl4ss · · Score: 1

      yeah.. why can't you just smash numbers in random until you get enough for a good seed?

      --
      world was created 5 seconds before this post as it is.
    2. Re:Are you retarded? by dbIII · · Score: 1, Insightful

      It's a bitcon article so asking if the suckers drawn in the scheme are retarded is considered rude.
      "It's the future" - it's like that thing in Cryptonomicon only not backed by anything of value and it's founder has gone into hiding.

    3. Re:Are you retarded? by itzly · · Score: 2

      Or take a picture of your room, calculate a hash, and be done with it.

    4. Re:Are you retarded? by Anonymous Coward · · Score: 0

      Well according to this documentary where this guy smuggles data in his head, you should take three pictures from your television instead.

    5. Re:Are you retarded? by Anonymous Coward · · Score: 0

      I'm not rolling a die 72 times and manually entering each result.

      And now we know why a lot of people talk about security, and yet very few actually want to put in the effort to do it.

      That's OK, apathy has built and fed NSA programs for years, and will continue to do so. They enjoy the fruits of your laziness.

    6. Re:Are you retarded? by drgs · · Score: 0

      TI-89 has a rand() function

    7. Re:Are you retarded? by ultranova · · Score: 4, Insightful

      It's a bitcon article so asking if the suckers drawn in the scheme are retarded is considered rude.

      More importantly, calling people who use Bitcoin retarded or suckers doesn't actually constitute a strong argument against it.

      only not backed by anything of value

      Bitcoin is backed by the goods and services available in exchange of it, just like any other currency.

      and it's founder has gone into hiding.

      The founders of most currencies currently at use are dead.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    8. Re:Are you retarded? by grumling · · Score: 1

      Tune a radio to white noise, sample the audio 72 times and use that. Can I patent cosmic background radiation encryption?

      --
      "Well, good luck finding a judge that doesn't run a bestiality site."
    9. Re:Are you retarded? by Anonymous Coward · · Score: 0

      calling people who use Bitcoin retarded or suckers doesn't actually constitute a strong argument against it.

      Actually, in the case of Bitcoin, it does. These people aren't playing with a full deck. The only ones who dispute that are the people with cards missing.

      The founders of most currencies currently at use are dead.

      Everyone dies. Not everyone creates something meant for worldwide use then goes into hiding. This does not instill confidence.

    10. Re: Are you retarded? by Anonymous Coward · · Score: 0

      But what it doesn't have is any source of entropy.

    11. Re:Are you retarded? by SharpFang · · Score: 1

      Instead of taking values of keys (which would be a poor seed), take timing of keypresses. If the calculator runs at 1MHz, run a loop that takes 10uS per iteration, and count how many iterations it took between keypresses, modulo 100. No human is capable of timing their keypresses to 1 millisecond with *any* precision, nor correlate the keypresses to any fixed multiple of 10us period, so the sub-millisecond part of timing is entirely random.

      So, you're getting about 7 bits of entropy per keypress. Double that for key release. 14 bits per push, d12 is around 3.5 bits of entropy so mash your buttons for a total of 18 keypresses and you have your key.

      --
      45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
    12. Re:Are you retarded? by Anonymous Coward · · Score: 0

      The only people pushing and backing bitcoins are those that can profit from it or at least stand to to possibly lose something because of it. One could argue that all other "benefits" it provides over traditional currency are not really benefits at all. Of all the benefits I've read about or people talk about over the years with almost all digital currency, only one seems to stand out a real potential benefit. The ability to easily send money to someone in another country without paying bank fees. The definition of easily is very lose there for several reasons. 99.999999% or probably even a higher % of financial transactions are not an individual sending money to another individual person in another country. Even those that do that, many of them are not doing it enough that establishing and maintaining a bitcoin presence is worth the effort.

      The whole concept I hear is that fiat government backed currency is a going to fail soon and bitcoin users want some other form of currency to protect yourself from that is a fking joke. If your countries currency disappears and no one takes it anymore, you have much bigger problems that your cash on hand. Firing up your method of transfering or spending bitcoins is not even going to be around unless you are writing down transaction keys on a piece of paper and hoping someone will accept them.

      Again, those that can profit are pushing it. Just like Amway or any other MLM plan is and just like a vacation timeshare sales pitch.

    13. Re:Are you retarded? by Anonymous Coward · · Score: 0

      Generating entropy.

      It doesn't take much, it just takes a human doing something seemingly random.
      Anything random, like Slashdot posting.

  2. lol TI sucks by Anonymous Coward · · Score: 0

    and #TCPA are fags!

  3. Do you crave penis? by Anonymous Coward · · Score: 0

    IF so, join #TCPA on Efnet. Live steaming of man on calculator action!

    Netham45 was here.

  4. 54 playing cards and your tinfoil hat is secure by Anonymous Coward · · Score: 0

    https://www.schneier.com/solitaire.html

    I pretty much assume the NSA has pwned my RNA at this point.

    Play the right musical notes in exactly the right order and I probably start goose-stepping to the ballot box to re-elect Dianne Feinstein.

    We're fucked. Decoder rings won't save us.

    1. Re:54 playing cards and your tinfoil hat is secure by Anonymous Coward · · Score: 0

      Commence Operation: "say negative things about NSA analysts so that they feel bad and quit their jobs"

      Hey, it worked so well on Law Enforcement with "Pigs", "Bacon" and "NARCs"... I think if we call the wage slaves on the other end of the wiretaps "panty sniffers" they'll feel empathy for our privacy and totally won't develop an internal culture of mocking tax payers to soothe the rash on their conscience with indifference lotion.

  5. Why not... by Anonymous Coward · · Score: 0

    Why not use hexidice, like from http://gamestation.net/d16-hexidice.html ? Although, I'm not sure if it's fair-sided.

    Without reading the article, I assume the calculator is to avoid the key from being sniffed/something from a computer, right?

  6. Not many devices by DrYak · · Score: 2

    In theory, your "you mama" joke approach should work. (For a good enough hash. Things like SHA2 or SHA3/Keccak should be okay).

    But, in practice, that would require:
    - a device with a camera (well, duh...)
    - a device that is easy programmable enough (because very few camera are known to automatically display a has on the screen by default)
    - a device that is *offline* (the whole point of doing it on something different than a laptop is to do it on a device that has low risk of virus/trojan/backdoor)

    That strongly limits the possibilities:
    - TFA's Ti 89 doesn't have a camera
    - point-and-shoot camera usually don't have an easy way to install your "picture hashing your mom as a random number generator" system
    - smartphone aren't offline and could be susceptible to hacking, the exact thing you wanted to avoid by going to a portable device.

    Appart from a few old-school PDAs (e.g.: a Palm IIIc, with the PalmPix dongle), few devices will qualify all of the above.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:Not many devices by wonkey_monkey · · Score: 1

      smartphone aren't offline

      They can be made so easily enough.

      --
      systemd is Roko's Basilisk.
    2. Re:Not many devices by Reaper9889 · · Score: 3, Interesting

      Well, that was one of the more unexpected "you mama" joke: Your mama is so fat that she shows up in a post mentioning only your room!

      I want to note that just in case someone thinks so: You can not roll two 6-sided die and add them together and get a 12-sided dice - first of all you cant roll 1 and you roll 7 way too often. What you can do is have two rolls of a 6-sided die. Say you first roll x and then y. If y is even you rolled x otherwise you rolled 6+x. This gives you precisely 12 different equally likely outcomes.

    3. Re:Not many devices by itzly · · Score: 2

      - point-and-shoot camera usually don't have an easy way to install your "picture hashing your mom as a random number generator" system

      Take SD card from regular digital camera (or phone), stick it in an off-line linux laptop, and run sha256sum. No programming required.

    4. Re:Not many devices by itzly · · Score: 3, Funny

      In theory, your "you mama" joke approach should work

      No, yo momma is too big for a hash.

    5. Re: Not many devices by Anonymous Coward · · Score: 1

      What if you glue the dice together?

    6. Re:Not many devices by gox · · Score: 1

      The device itself should not allow the possibility of the data becoming online at a future time. That rules out systems with connection capabilities that also have memory.

    7. Re:Not many devices by itzly · · Score: 1

      Smash it with a hammer, and throw away the pieces. If your secret key isn't worth a new phone, it's not worth going through all this trouble anyway.

    8. Re:Not many devices by jonwil · · Score: 1

      Canon digital camera with CHDK (Canon Hack Development kit for adding new features to Canon cameras) should be able to do this if someone was to write the code for it.

      So it has a camera, its programmable and it (at least the Canon PowerShot SX130IS sitting next to me anyway) has no network connectivity.

      And its probably easier to find a camera that is supposed by CHDK than to get hold of an ancient PDA AND a camera dongle for it.

    9. Re:Not many devices by NemosomeN · · Score: 1

      A Canon camera with CHDK on it would fit all of your requirements.

      --
      I hate grammar Nazi's.
    10. Re:Not many devices by Hamsterdan · · Score: 1

      If the device becomes online without you consent in the future, it means it's not in your hands anymore. Thus *any* device will be vulnerable to prying eyes.

      --
      I've got better things to do tonight than die.
    11. Re:Not many devices by gox · · Score: 1

      I don't think anyone would go through all this trouble for security, it is just a geek entertainment thing.

      Having said that, keeping around an offline device for secure storage is not too bad an idea. If you have a RasPi lying around, it's all you need to generate secure keys, store 2FA secrets, and anything else that is best preserved cold.

    12. Re:Not many devices by lucm · · Score: 1

      You must be a hoot when you play craps in Vegas

      --
      lucm, indeed.
    13. Re:Not many devices by Anonymous Coward · · Score: 0

      Yo mama so fat, she has collisions with all the hashes.

    14. Re:Not many devices by gox · · Score: 1

      I assumed wonkey_monkey is talking about making smartphones temporarily offline. So it does become online with your consent. It could also connect without you even noticing.

      Also, any device is vulnerable, but not equally. A lot needs to happen for the encrypted data on my old laptop with no wi-fi capability to leak out.

  7. Dicing your way to security by drinkypoo · · Score: 1

    Seriously? No, really, seriously?

    You couldn't figure out ANY way to get sufficiently random numbers out of that calculator just from human interaction?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    1. Re:Dicing your way to security by itzly · · Score: 1

      Of course, but that's not cool enough.

    2. Re:Dicing your way to security by Anonymous Coward · · Score: 0

      Well, this story is obviously a Dicevertisement.

    3. Re:Dicing your way to security by Anonymous Coward · · Score: 0

      That calculator is fairly deterministic I assume. It's low power, so probably isn't running a whole bunch of background processes to generate a lot of entropy. I'd imagine it's very much user-input interrupt driven and in power saving mode otherwise. That means any two random people running the program are going to start with roughly the same initial state, and if it's going to time key-presses to get entropy then it might as well at least have the user enter more entropy in the process.

    4. Re:Dicing your way to security by lucm · · Score: 1

      I guess "cool" is subjective

      --
      lucm, indeed.
    5. Re:Dicing your way to security by drinkypoo · · Score: 1

      and if it's going to time key-presses to get entropy then it might as well at least have the user enter more entropy in the process.

      So have them press the keys a few more times. It's still less hassle than rolling dice. Plus, what if someone figures out how to determine the roll of your dice from the sound, and has an audio bug in your facility?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  8. More yo mama by DrYak · · Score: 1

    No, yo momma is too big for a hash.

    +Funny.

    To keep with today's theme:
    - Yo mama's so fat, her picture need to "Google Maps" to be viewable
    - Yo mama's so fat, said picture can provide secure hash random seeds for the rest of the whole internet's existence.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  9. A better way by Anonymous Coward · · Score: 0

    Just don't use Bitcoin. Problem solved.

    1. Re: A better way by Anonymous Coward · · Score: 0

      This. Bitcoin == watchlist.

  10. This actually has a good point by Nona+Slashdottir · · Score: 1

    Good point from TFA: " it’s secure because it never connects with a “NSA backdoored” computer when generating it", which actually makes sense. Many people have a calculator like this which provides a suitable air-gapped and safe computing resource.

  11. Fat Shitcock by Anonymous Coward · · Score: 0

    n/c

  12. But ... does it come with an NSA backdoor? by Anonymous Coward · · Score: 0

    TI-89 has a rand() function

    Does TI-89 come complete with a built-in NSA backdoor?

  13. You accidentally some words by wonkey_monkey · · Score: 4, Funny

    The video self-explanatory.

    Ah.

    Load up your calculator with the code, roll it 72 times

    Okay, done that, but nothing much happened. What is the 12-sided die for?

    --
    systemd is Roko's Basilisk.
  14. A crapshoot by Anonymous Coward · · Score: 0

    Not exactly sure why this makes any sense in the real world.. we're supposed to sit around rolling dice like monkeys before using a digital peer-to-peer currency?

    Doesn't feel like the future.

    1. Re: A crapshoot by Anonymous Coward · · Score: 0

      Get with it already. It's the newest concept for your brand new free get it now dumbphone ap. Kids will love it. It uses dice. So fun.
      So you mean to tell me that with the absolutely massive amount of bitcoins wolrdwide, someone forgot to tell all these people how to create a proper address?
      Surely there are better ways

  15. Bitcoin is backed by faith by perpenso · · Score: 1

    Bitcoin is backed by the goods and services available in exchange of it

    No, its not. The quantity of a particular good or service equating to a bitcoin can vary wildly in a very short period of time.

    Bitcoin, like other currencies, it backed by faith. And a lot of that faith has to do with speculation not commerce.

    Bitcoin is not a currency, it currently fails as a store of value. Could that change, possibly, but unlikely in the short term.
    Bitcoin is a speculative instrument.
    Bitcoin's real use is as a payment system. During payment processing bitcoins are generally not held by the recipient so the store of value problem isn't an issue. Advocates make much of the vendors who accept bitcoins but in truth most never touch a bitcoin. A bitcoin exchange is used to actually collect the coins and convert them to fiat currency immediately. And what does this demonstrate, a lack of faith.

    1. Re:Bitcoin is backed by faith by Anonymous Coward · · Score: 0

      Honestly, what did people think about paper money instead of gold or bartering - as if gold is really worth anything to anyone.

    2. Re:Bitcoin is backed by faith by Anonymous Coward · · Score: 0

      Honestly, what did people think about paper money instead of gold or bartering - as if gold is really worth anything to anyone.

      Paper money started out as a certificate representing a certain amount of gold.

  16. Hardware wallets by codebonobo · · Score: 1

    Mycelium entropy released a offline hardware based paper wallet generator which allows you to generate secure single wallets or Shamir’s 2-of-3 Secret Sharing Scheme wallets with a single click and even use your own seed if you are especially paranoid

    The unit was 40 dollars - https://mycelium.com/entropy https://mycelium.com/assets/en...

    or you could just get one of many hardware wallets - https://bitcointalk.org/index....

  17. OMG!! by Anonymous Coward · · Score: 0

    Who would have thought a calculator from ancient times can actually, well, calculate?! Amazing. Let's try if we can get the first Atari, or Eniac, or the Holerith machine to calculate a btcoin address too. Or even a Turing machine, perhaps?

    Gosh ./ used to be for nerds. It now is for retards who don't know s**.

  18. HWRNG by Zeroko · · Score: 1

    Did they try finding an entropy source on-calculator like Linux uses for /dev/random? It seems that reading from an unconnected address occasionally yields different values...maybe characterize the distribution to get a lower bound on its entropy, then let it run automated for however many seconds or minutes it takes to accumulate enough. It would be easier on the user than rolling a die a bunch. (Of course, it might be hard to rule out systematic trends in the bits returned without intimate knowledge of the physics of the hardware involved.)

    For that matter...what about the slight bias of actual physical dice rolled by humans? You only get ~258 bits from 72d12, assuming it is perfectly random. You need extra rolls to get the full 256 bits needed (with a sufficiently high probability), plus some strategy (hashing?) to mix the slightly spread-out entropy into a maximum-entropy key.

  19. Best calculator ever made. by arobustus · · Score: 1

    How about my TI-86?