📅 Original date posted:2016-07-27 📝 Original message:Jonas Schnelli via ...

Jochen Hoenicke [ARCHIVE] /

npub1tue…ca6f

2023-06-07 17:52:02

in reply to nevent1q…vfmv

📅 Original date posted:2016-07-27
📝 Original message:Jonas Schnelli via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
schrieb am Di., 26. Juli 2016 um 22:10 Uhr:

> Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I
> personally consider "not enough" to protect a serious amount of funds.
>
>
But what are the alternatives? Put an expensive processor and a decent
amount of memory in every hardware wallet to support scrypt? Use a million
iterations and just wait 10 minutes after entering you passphrase? Or
compute the secret key on your online computer instead?

Also, how many iterations are secure? A million? Then just add two random
lower-case letters to the end of your passphrase and you have a better
protection with 2048 iterations. If you want to be able to use your
passphrase with cheap hardware and be protected against a high-end computer
with multiple GPUs that is almost a mllion times faster, then you have to
choose a good passphrase. Or just make sure nobody steals your seed; it is
not a brainwallet that is only protected by the passphrase after all.

Regards,
Jochen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160727/6744055a/attachment.html>;

Author Public Key

npub1tue9u2scw5pe77vn4fz0464zz0387gm0zwy2zjhqg2yap36zhj2s4dca6f

Seen on

wss://relay.noswhere.com wss://relay.nostr.band

Show more details

Published at

2023-06-07 17:52:02

Kind type

1 Short Text Note

Event JSON

{ "id": "26482d51f6acbc7f94b06b00422d7585dbd0dc5988bc46876fce1ebc9a35c325", "pubkey": "5f325e2a1875039f7993aa44faeaa213e27f236f1388a14ae04289d0c742bc95", "created_at": 1686160322, "kind": 1, "tags": [ [ "e", "d3ef87a73efb73e9def6714a0568d0ef5f056b1414d4debb82e7f1f9e566428d", "", "root" ], [ "e", "5f6a7f5f20866adb6c9708710b387c1cb4ba798d75b37fe3d42a4c3d4225323e", "", "reply" ], [ "p", "9a463e0fab8963b013698c15a0f2449d19c97f3b88458e5874095b5006df9a0c" ] ], "content": "📅 Original date posted:2016-07-27\n📝 Original message:Jonas Schnelli via bitcoin-dev \u003cbitcoin-dev at lists.linuxfoundation.org\u003e\nschrieb am Di., 26. Juli 2016 um 22:10 Uhr:\n\n\u003e Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I\n\u003e personally consider \"not enough\" to protect a serious amount of funds.\n\u003e\n\u003e\nBut what are the alternatives? Put an expensive processor and a decent\namount of memory in every hardware wallet to support scrypt? Use a million\niterations and just wait 10 minutes after entering you passphrase? Or\ncompute the secret key on your online computer instead?\n\nAlso, how many iterations are secure? A million? Then just add two random\nlower-case letters to the end of your passphrase and you have a better\nprotection with 2048 iterations. If you want to be able to use your\npassphrase with cheap hardware and be protected against a high-end computer\nwith multiple GPUs that is almost a mllion times faster, then you have to\nchoose a good passphrase. Or just make sure nobody steals your seed; it is\nnot a brainwallet that is only protected by the passphrase after all.\n\nRegards,\n Jochen\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160727/6744055a/attachment.html\u003e", "sig": "17187492f403038c257ee765b2bf00f0a6817a9b184bad3a8f48610a275258b1c19290c77c0ed891fb547d76d5a5035b4eee94a404b6281d604cb18c6d098b3c" }