Salt

AT -

Note
This is an advanced feature for security experts.

If you do not trust your Mycelium Entropy device and believe it may be backdoored, then this feature, sometimes also referred to as Diceware, is for you. It lets you add your own entropy (salt) to the mix so that:

  • even though the salt is entered on your computer into settings.txt in a generally insecure way, its leakage does not compromise your key;

  • if the device’s RNG is rigged in an undetectable way, your key is still secure because of the salt;

  • the algorithm’s implementation is easily verified.

The current implementation is fairly simple and is called Type-1 salt. A more advanced algorithm has been proposed but has not been implemented yet.

  • Salt is a string of up to 32 bytes, which is entered in hexadecimal after the salt1 keyword in settings.txt. It must contain a whole number of bytes, that is, an even number of hexadecimal digits, up to 64.

  • Entropy is a 32-byte random number generated by Mycelium Entropy.

  • Key = SHA-256 ( Salt || Entropy ), where || denotes concatenation.

    • In the HD case, the first 128 bits of Key are used to construct the BIP-39 mnemonic.

  • Entropy is printed alongside the private/public key pair for your verification.

“Salted” keys can be verified at mycelium.com/assets/entropy/checksalt/salt.html.

Have more questions? Submit a request

Comments