waxwing on Nostr: I doubt my idea is possible, sadly. An interesting nuance here: look at how mnemonics ...
I doubt my idea is possible, sadly. An interesting nuance here: look at how mnemonics evolved in btc, which is using the same keys. we decided that a range of possible entropies from 128 bits to 256 bits is reasonable. I believe this is related to the fact that the best attacks on ECDLP are O(sqrt n) so your 256 private key really "only" has 128 bits anyway. So let's say you start with a 128 bit master secret and then you generate a quasi-infinite number of keys from that with HD (BIP32). So, hmm, it's 12 words this way with a 2000 word dictionary (because 10^3 is about 2^10 so 2000 is about 2^11 and if you raise it to a power 12 you get 132>128. But if we reduce the number of words it's (obviously) an exponential loss of entropy. Say you choose 6 words, then you're looking at solving (k)^6 = 2^128 so k has to be ~ 2^21 or like a million words; a dictionary size of even 20K is nowhere near.
Published at
2025-01-20 14:58:15Event JSON
{
"id": "fafe1d7a57d60aca6a88c1dd772ea566bff2f908743cfa93a4bb689f83a7458b",
"pubkey": "675b84fe75e216ab947c7438ee519ca7775376ddf05dadfba6278bd012e1d728",
"created_at": 1737385095,
"kind": 1,
"tags": [
[
"e",
"0ae773fc076f1550c9d3dee5447ec7931b958807b4d454660d0e65397b1e307b",
"",
"root"
],
[
"e",
"00005dc69957679ca3ea77eb531d3a76330a2359897e6b7b0b948e777b199307",
"",
"reply"
],
[
"p",
"675b84fe75e216ab947c7438ee519ca7775376ddf05dadfba6278bd012e1d728"
],
[
"p",
"3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d"
]
],
"content": "I doubt my idea is possible, sadly. An interesting nuance here: look at how mnemonics evolved in btc, which is using the same keys. we decided that a range of possible entropies from 128 bits to 256 bits is reasonable. I believe this is related to the fact that the best attacks on ECDLP are O(sqrt n) so your 256 private key really \"only\" has 128 bits anyway. So let's say you start with a 128 bit master secret and then you generate a quasi-infinite number of keys from that with HD (BIP32). So, hmm, it's 12 words this way with a 2000 word dictionary (because 10^3 is about 2^10 so 2000 is about 2^11 and if you raise it to a power 12 you get 132\u003e128. But if we reduce the number of words it's (obviously) an exponential loss of entropy. Say you choose 6 words, then you're looking at solving (k)^6 = 2^128 so k has to be ~ 2^21 or like a million words; a dictionary size of even 20K is nowhere near.",
"sig": "1d034df2ca33ba1a2b747425e974b0bd7b3e2d3ac47af11eb1085511ed95014c4346e869cfbe63e8a8e2460f1add50b04bd3fd38ebef1a81020a56cd7fe5341b"
}
