Author: StJohn Piano
This page is subject to change at any time. It is not signed by its author or by Edgecase Datafeed.

A Bitcoin address is the public entity that holds bitcoin. Anyone can know the address and send Bitcoin payments to it.

An address is derived from a private key. The private key is the entity that can authorise a payment from the address. It must be kept secret. Anyone who knows it can spend bitcoin from the corresponding address.

In computing, "entropy" is used to mean "some information without predictable structure". It is generated using some physical process whose output is unpredictable and converted by a transducer into digital data.

Bitcoin addresses rely on ECDSA public-key cryptography. In the ECDSA cryptosystem, entropy is needed for private keys and for making signatures.

The human brain is bad at generating entropy. Given that a large part of its operation involves detecting patterns, this is unsurprising. Detecting patterns is the opposite of generating random values. If a human is asked to think of a random string of words, his/her mind will flow along existing grooves of thought in ways that could be predicted with some success by an adversary.

So, if you try to think of a good passphrase for use as a private key, this may be more guessable than high-quality entropy and therefore insecure. Example: It is possible to write a program that will generate many combinations of this type:
"[mother's maiden name] + [your birthplace] + [your house number] + [etc]"
and test them to see if, when used as Bitcoin private keys, they lead to Bitcoin addresses that exist on the Bitcoin blockchain and contain bitcoin. If they do, then your bitcoin can be stolen.

It is difficult and time-consuming to generate high-quality entropy. If a tool is used to automate entropy generation, auditing such a tool is difficult and time-consuming.

Dice can be used to generate sufficient entropy for private keys and signatures in Bitcoin. Approximately 10 minutes of rolling a set of 5 dice is needed for each private key or transaction signature. Listening to music while rolling dice can make the activity more tolerable.

To create a Bitcoin private key, you will need to generate 32 bytes of entropy.

You will need:
- an offline computer with Python 2.7.x installed. The code has been developed under Python 2.7.13 running on Mac OS X 10.6.8 (Snow Leopard), and should run successfully on other versions of Python 2.7.
- some dice (e.g. 5).
- a tray with raised edges in which to roll the dice.

Browse to the following article:
Generating entropy with dice
and follow the recipe in the section Recipe For Generating Entropy Bytes Using Dice.

Update: This recipe uses a script to convert dice rolls into entropy bytes. An updated version of this script has been published, and can be downloaded here:
convert_dice_rolls_to_hex_bytes_2.py [paywalled]
This new version of the script is an asset of the following article:
Using a transaction to validate a Bitcoin address
Please read the Downloadable Assets section of this article for details concerning the new version.

For more information concerning entropy and using dice to generate it:
- Browse to the article Generating entropy with dice and read the Notes and Further Work sections.

For more information about Bitcoin private keys:
- Browse to the article Generating a standard Bitcoin address. Go to the Notes / Discoveries section. Go to the part "Notes on the nature, secure creation, and validity of Bitcoin private keys and transactions". Read items (1) and (3).