Entropy Collection with Dice Rolls and Coin Flips
Computers use random numbers for many different things. Be it for video games, gambling, or cryptography. But strangely enough, randomness is very hard for computers to do. Computers are good at calculating things, but when you ask them to give you a truly random number, they can’t do that. That’s why devices contain special chips (known as random number generators or RNGs) with the single purpose of delivering random numbers. Wallets like AirGap rely heavily on those RNGs to generate secure secrets. That’s why it’s important that those random numbers are truly random and nobody tampered with them.
Problem with compromised hardware
To generate a secure secret, a random input is needed, which is then converted to a key, often represented as 24 words. The source of randomness during this step must be good. If it’s not, then it means that the generated secrets are not random, and they can potentially be guessed or recalculated by an attacker that knows how they were generated. RNG chips were introduced to solve this problem. But the issue is that it’s often not clear how those chips work. There is no way to determine if the output of those chips is random, or if it outputs predetermined sequences that look random but that the manufacturer can reconstruct.
Since the first version of AirGap, we have been aware of this problem with random number generators. Because of this, we always collect additional entropy from the camera, microphone, accelerometer, and touch input before generating a secret to reduce the attack vector created by a compromised RNG. The resulting mnemonic will contain both the output of the RNG, but also the data of the user’s input. If someone wants to compromise and recalculate the secret, he needs to know both inputs, so a compromised RNG isn’t enough anymore to recover a mnemonic.
Problem with compromised software
By using additional user inputs, we can solve the problem of compromised hardware. But it still means that users will have to trust us, the developers of AirGap, that the entropy of the different inputs is processed correctly and we don’t show the user some predefined mnemonics where we have access to. This is where the new dice-roll and coin-flip feature comes in.
Instead of relying on the device to give you random numbers to generate the mnemonic, the user has to provide those random numbers himself. This eliminates the risk of a compromised RNG because it is no longer involved in the process. It also solves the problem of not trusting the software because the mnemonic is generated out of the provided input is deterministic. So a different wallet or software can be used to verify that the same input always results in the correct output. If that is the case, the user can be sure that the secret that he generated on an air-gapped device is random and has not been tampered with.
The dice roll/coin flip feature is very simple. You can use dice or coin flips to generate a specific sequence of inputs. In the case of coin flips, you need 256 flips to get the randomness or entropy necessary for a 24-word mnemonic. In the case of dice rolls, you need 99. You can collect your entropy without any digital help and write it down. The only thing that AirGap Vault does is it calculates your mnemonic out of the entropy you provide. This process is deterministic, so you can verify that our implementation is correct and produces the same output by comparing it with another wallet.
The primary goal of AirGap is security, and we are constantly evolving and bringing the best security features to you. Being security conscious from the very first setup of your wallet is as important as how well you keep your mnemonics. Consider the scenario in which you keep your mnemonics offline and protected, but there is a chance that someone else will be able to reproduce them. We don’t want to leave any room for RNGs failures. That is why we have implemented these two security measures and encourage our users to use them for maximum security.
Let’s start with Dice Rolls in AirGap
Here are the things you will need:
- The vault App
- Dice with 6 sides (Preferable: A new casino grade dice, more than one dice with good quality).
- Dice tray (Optional)
Note: Don’t use Dice Apps on your phone or computer.
Open the Vault app. On the setup page, toggle the Advanced Mode and click the GENERATE WITH DICE ROLLS button.
Roll the dice on a tray (if available) or any flat surface.
If you’re using only one dice, tossing at least 99 times may be tiresome. However, once you understand why this works for randomness, you wouldn’t mind paying the cost.
Repeat this process at least 99 times. For every roll, record the outcome on the app by clicking the number at the bottom.
Note: There are multiple standards of how dice roll inputs can be interpreted. We have the two methods in AirGap. The default method and ColdCard method.
Click on the icon on the top right corner to select the method you want to use. The two methods generate two different mnemonics.
Click the proceed Icon and read and follow the instructions on the next page.
Click the understood button to generate your mnemonics from your dice roll input.
Hurray, You’ve successfully generated your mnemonics from the dice roll features.
Coin flip in AirGap
Here are the things you will need:
The vault App.
A coin (Preferable: A new one).
Note: Don’t use coin flipper Apps on your phone or computer.
Open the Vault app. On the setup page, toggle the Advanced Mode and click the GENERATE WITH COIN FLIPS button.
Flip the coin 256 times.
Record your outcome on the vault using the head and teal button at the bottom of the page.
Click the proceed Icon
Read and follow the instructions on the next page.
Click the understood button to generate your mnemonics from your coin flip input.
You’ve successfully generated your mnemonics from the coin flip features.
Do you have any questions regarding AirGap?
Reach out to us via Discord or visit the AirGap help center.
Download AirGap
AirGap Wallet
📱 iOS — App Store
📱 Android — Google Play (GitHub APK)
💻 macOS
💻 Windows
💻 Linux
AirGap Vault
📱 iOS — App Store
📱 Android — Google Play (GitHub APK)
