Thomas Voegtlin [ARCHIVE] on Nostr: 📅 Original date posted:2014-03-27 📝 Original message:Le 27/03/2014 13:49, Mike ...
📅 Original date posted:2014-03-27
📝 Original message:Le 27/03/2014 13:49, Mike Hearn a écrit :
> Ah, BIP32 allows for a range of entropy sizes and it so happens that
> they picked 256 bits instead of 128 bits.
>
> I'd have thought that there is a right answer for this. 2^128 should not
> be brute forceable, and longer sizes have a cost in terms of making the
> seeds harder to write down on paper. So should this be a degree of freedom?
>
Here is what I understand:
2^128 iterations is not brute forcable today, and will not be for the
foreseeable future.
An EC pubkey of length n can be forced in approximately 2^(n/2)
iterations (see http://ecc-challenge.info/) Thus, Bitcoin pubkeys, which
are 256 bits, would require 2^128 iterations. This is why unused
addresses (160 bits hash) are better protected than already used ones.
However, people tend to believe that a public key of size n requires 2^n
iterations. This belief might have been spread by this popular image:
https://bitcointalk.org/index.php?topic=508880.msg5616146#msg5616146
📝 Original message:Le 27/03/2014 13:49, Mike Hearn a écrit :
> Ah, BIP32 allows for a range of entropy sizes and it so happens that
> they picked 256 bits instead of 128 bits.
>
> I'd have thought that there is a right answer for this. 2^128 should not
> be brute forceable, and longer sizes have a cost in terms of making the
> seeds harder to write down on paper. So should this be a degree of freedom?
>
Here is what I understand:
2^128 iterations is not brute forcable today, and will not be for the
foreseeable future.
An EC pubkey of length n can be forced in approximately 2^(n/2)
iterations (see http://ecc-challenge.info/) Thus, Bitcoin pubkeys, which
are 256 bits, would require 2^128 iterations. This is why unused
addresses (160 bits hash) are better protected than already used ones.
However, people tend to believe that a public key of size n requires 2^n
iterations. This belief might have been spread by this popular image:
https://bitcointalk.org/index.php?topic=508880.msg5616146#msg5616146