Another dangerous toy I particularly enjoy, vanity keys:
https://github.com/warner/wireguard-vanity-address
Although not as dangerous since the entropy of the rng is (mostly?) still there. If I'm doing the handwaving right, it's base64 where each char contains 6 bits, so you reduce the effective keysize to 256-6*$num_chars -- cryptographers tell me how wrong I am :)
This article [0] has a good explanation of why clamping is necessary. But the process is very simple, you just generate 256 random bits, clear the three lowest order to avoid small subgroup attacks, then clear the highest order and set the second highest order to avoid side-channel attacks which may occur if an implementation isn’t constant-time. The Libsodium source shows this pretty clearly: [1], lines 18-23.
0: https://www.jcraige.com/an-explainer-on-ed25519-clamping
1: https://github.com/jedisct1/libsodium/blob/master/src/libsod...
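Added example, not part of the thread or of the libsodium source: the clamping steps described in the comment above, with an x-only Montgomery ladder (RFC 7748) to show what clearing the three low bits buys. The names `clamp`, `ladder`, `scalar` and `LOW_ORDER_U` are chosen here for illustration; u = 1 is a point of order 4 on Curve25519.

```python
import os

P = 2**255 - 19          # field prime of Curve25519
A24 = 121665             # (486662 - 2) / 4, ladder constant from RFC 7748

def clamp(seed: bytes) -> bytes:
    """Clamp 32 random bytes (little-endian scalar) as described above."""
    k = bytearray(seed)
    k[0] &= 248          # clear the three lowest bits: scalar is a multiple of 8
    k[31] &= 127         # clear the highest bit (bit 255)
    k[31] |= 64          # set the second-highest bit (bit 254)
    return bytes(k)

def ladder(k: int, u: int) -> int:
    """u-coordinate of k times the point at u. Python ints: not constant-time."""
    x1, x2, z2, x3, z3, swap = u % P, 1, 0, u % P, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return x2 * pow(z2, P - 2, P) % P   # z2 == 0 (point at infinity) gives 0

def scalar(key: bytes) -> int:
    return int.from_bytes(key, "little")

LOW_ORDER_U = 1          # u = 1 has order 4 on Curve25519

if __name__ == "__main__":
    seed = os.urandom(32)
    key = clamp(seed)
    print("multiple of 8:", scalar(key) % 8 == 0)
    print("bit 254 set, bit 255 clear:", scalar(key) >> 254 == 1)
    # An unclamped odd scalar maps the low-order point to itself, so the output
    # depends on the key; a clamped scalar always sends it to 0.
    print("unclamped:", ladder(scalar(seed) | 1, LOW_ORDER_U))
    print("clamped:  ", ladder(scalar(key), LOW_ORDER_U))
```

Because the output on a low-order input is 0 for every clamped key, it carries no information about the key, and an implementation can reject it by checking for the all-zero result.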
See BIP39 for an established standard for creating mnemonic sequences out of entropy: https://github.com/bitcoin/bips/blob/ad745f2f0155c90f0471ba8...