Trey Del Bonis [ARCHIVE] on Nostr: 📅 Original date posted:2019-03-05 📝 Original message:>Mid-level hardware can ...
📅 Original date posted:2019-03-05
📝 Original message:>Mid-level hardware can check 50k addresses per second, which means it would only take around 2 hours to check all possibilities.
Yes that's a problem that I'm now realizing exists. Whoops! Changing
the parameters to a 25-of-50 setup gets us ~129 bits in that case,
which is better but still somewhat crappy as 25 is a lot of words to
remember. You'd be *far* better off just memorizing a BIP-39
seedphrase. Maybe it would make sense to include in the hash some
extra secret phrase as extra entropy? Probably not worth it.
>Maybe they only print 35 different combinations and assume people don't eat Chinese food enough to notice?
Upon some later research I found that this is actually the case from
certain vendors, which is unfortunate.
>I'm not sure why you would want to go this route :)
Because it was a fun idea I had while eating Chinese take-out the other day. :)
On Tue, Mar 5, 2019 at 8:06 PM James MacWhyte <macwhyte at gmail.com> wrote:
>
> On Tue, Mar 5, 2019 at 4:39 PM Trey Del Bonis via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
>>
>> Keeping 20 around is a little excessive but it gives 390700800 possible wallets. So security can be trivially parameterized based on how secure you want your wallet to be if someone finds your stash.
>
>
> Mid-level hardware can check 50k addresses per second, which means it would only take around 2 hours to check all possibilities. So please don't think this presents any kind of challenge to someone who finds your 20 pieces of paper and assumes you would only keep them if they are hiding your wallet ;)
>
> Entropy-wise, simply using a strong RNG would provide a better result than relying on the printing company. Maybe they only print 35 different combinations and assume people don't eat Chinese food enough to notice?
>
> If it's poor entropy and doesn't really provide any protection against being brute forced if found, I'm not sure why you would want to go this route :)
>
> James
📝 Original message:>Mid-level hardware can check 50k addresses per second, which means it would only take around 2 hours to check all possibilities.
Yes that's a problem that I'm now realizing exists. Whoops! Changing
the parameters to a 25-of-50 setup gets us ~129 bits in that case,
which is better but still somewhat crappy as 25 is a lot of words to
remember. You'd be *far* better off just memorizing a BIP-39
seedphrase. Maybe it would make sense to include in the hash some
extra secret phrase as extra entropy? Probably not worth it.
>Maybe they only print 35 different combinations and assume people don't eat Chinese food enough to notice?
Upon some later research I found that this is actually the case from
certain vendors, which is unfortunate.
>I'm not sure why you would want to go this route :)
Because it was a fun idea I had while eating Chinese take-out the other day. :)
On Tue, Mar 5, 2019 at 8:06 PM James MacWhyte <macwhyte at gmail.com> wrote:
>
> On Tue, Mar 5, 2019 at 4:39 PM Trey Del Bonis via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
>>
>> Keeping 20 around is a little excessive but it gives 390700800 possible wallets. So security can be trivially parameterized based on how secure you want your wallet to be if someone finds your stash.
>
>
> Mid-level hardware can check 50k addresses per second, which means it would only take around 2 hours to check all possibilities. So please don't think this presents any kind of challenge to someone who finds your 20 pieces of paper and assumes you would only keep them if they are hiding your wallet ;)
>
> Entropy-wise, simply using a strong RNG would provide a better result than relying on the printing company. Maybe they only print 35 different combinations and assume people don't eat Chinese food enough to notice?
>
> If it's poor entropy and doesn't really provide any protection against being brute forced if found, I'm not sure why you would want to go this route :)
>
> James