diff options
| author | James MacWhyte <macwhyte@gmail.com> | 2019-01-02 18:06:08 +0000 |
|---|---|---|
| committer | bitcoindev <bitcoindev@gnusha.org> | 2019-01-02 18:06:37 +0000 |
| commit | a5ec37f912bf198199d640c2a7f4d0bb2ac9c39b (patch) | |
| tree | 70c73952fd4dd383fa55adff9f643cf19e0c8664 | |
| parent | c9f280a56bd793855f90fbe136b910332a8deed8 (diff) | |
| download | pi-bitcoindev-a5ec37f912bf198199d640c2a7f4d0bb2ac9c39b.tar.gz pi-bitcoindev-a5ec37f912bf198199d640c2a7f4d0bb2ac9c39b.zip | |
Re: [bitcoin-dev] BIP39 seeds
| -rw-r--r-- | 56/cb6e9fcb9efb7b06bd1223aea074486fb8f475 | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/56/cb6e9fcb9efb7b06bd1223aea074486fb8f475 b/56/cb6e9fcb9efb7b06bd1223aea074486fb8f475 new file mode 100644 index 000000000..4abe411ee --- /dev/null +++ b/56/cb6e9fcb9efb7b06bd1223aea074486fb8f475 @@ -0,0 +1,138 @@ +Return-Path: <keatonatron@gmail.com> +Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org + [172.17.192.35]) + by mail.linuxfoundation.org (Postfix) with ESMTPS id 6BF8ABA0 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 2 Jan 2019 18:06:37 +0000 (UTC) +X-Greylist: whitelisted by SQLgrey-1.7.6 +Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com + [209.85.128.41]) + by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D3B42701 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 2 Jan 2019 18:06:36 +0000 (UTC) +Received: by mail-wm1-f41.google.com with SMTP id p6so28295444wmc.1 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 02 Jan 2019 10:06:36 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; + h=mime-version:references:in-reply-to:from:date:message-id:subject:to; + bh=weKyElmg5YhFQSwmxBrW9HJwy3GFux4h7QHtTqLdgGo=; + b=rtI6h2xk070W2V13yaMGQqMvR4Irge9mN4fmHIFkXEpTABzQqnz0MWLnzYO/w6GprK + e97bhTfibwk5nDbDJF/Rgm9rPtUYe8UygvxxUWMGANkbXzC+muX+U/G5sd8QEARBkWTG + BEj1JbfYfHwe7av/xta4Vt67emajW3NwSY5uyeEXBsFX3jweA7HKOKcsheib30M344ry + 8Usm5y/liM5OFxeFMwA9r28U+facz/N3XsdxPZS7aCN7N+wAkjTpP4cVJdeZpHkeYshP + y2E9bUpdtP/sk4Shg9xJDXHK8gzO56xfYRx8uu6IkcABpqWxe5WdaK6gOzp6dbBw0Crf + SA2A== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20161025; + h=x-gm-message-state:mime-version:references:in-reply-to:from:date + :message-id:subject:to; + bh=weKyElmg5YhFQSwmxBrW9HJwy3GFux4h7QHtTqLdgGo=; + b=noDjsrPvslmpS3NirFsSB8a8KhJWLm2VjFJYbAkdQ0pfKHQogngaUkLCopYy3V+1ad + ASsq9N6B1174Sm/oOJ68AW9gaDY9nX2CFD1LJD0TI2azm+NSAogyBWBYRFMpn7ctNQfO + 9vl7YBzabxsH60xKKwC3lZ19rLlQTAhQHrNfHfBw6M1/zmr/biOrc681+b6eQGYKlk3Q + V7Pd+SQ/E6ge1VOkLyWDgnVUlbbhx9NeTg+q8W9R5mj+Ktk34bJ7uTodCCNrgcGUSsOe + y9OrznXmO1viiyOZpPB1GYuUedGhetQERI0D92K4hArl+wEq6u+Wok2aAHA40iyiECeZ + //4g== +X-Gm-Message-State: AJcUukdBewLLszuhjC3dGp4/wlkVYb/GnVm7EaM41YLPgaWb2V9qo4q+ + CUEKRzJUHZlaUPF0NGtIAsZb+fa+7np513xamtU= +X-Google-Smtp-Source: ALg8bN7/MG0VKOGvb0nfQGQx+tQ+k3ZF7xp6KffhfYbVb3tHGe1p8RPM5Xf0wK/d8HE+sRTnf6h4MI87rpxliC60qYs= +X-Received: by 2002:a1c:578e:: with SMTP id + l136mr23208298wmb.124.1546452395280; + Wed, 02 Jan 2019 10:06:35 -0800 (PST) +MIME-Version: 1.0 +References: <68330522-7e7c-c3b4-99a9-1c68ddb56f23@gmail.com> + <f2d73a92-e1c5-9072-e255-fa012a9f9d1b@satoshilabs.com> + <db184306-7ec0-322e-5637-7889b51f50bf@gmail.com> + <CAH+Axy6dKDOkE6cQYZUusTUxxOSwWchOWxYh6ZkhnOgXuELaYg@mail.gmail.com> + <743fb106-977e-1f34-47af-9fb3b8621e72@gmail.com> + <CAH+Axy7v=26P8=CJPUqymKOcromGz+zYZ2cb2KaASgXNPpE2tQ@mail.gmail.com> + <c91cd61b-3ec5-6c7a-c7e3-7ceb48539625@gmail.com> + <CALPhJawf98+uqZXQRGH3Tjo1CnZJfE+CMw9J2ZqiHHmwDSdugQ@mail.gmail.com> +In-Reply-To: <CALPhJawf98+uqZXQRGH3Tjo1CnZJfE+CMw9J2ZqiHHmwDSdugQ@mail.gmail.com> +From: James MacWhyte <macwhyte@gmail.com> +Date: Wed, 2 Jan 2019 18:06:08 +0000 +Message-ID: <CAH+Axy72BTi8+yiUnbrr_Fd8XDf0g6eygOT-6OHRZ8En7W3qbA@mail.gmail.com> +To: thealanevans@gmail.com, + Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org> +Content-Type: multipart/alternative; boundary="000000000000aecebe057e7d812e" +X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, + RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on + smtp1.linux-foundation.org +X-Mailman-Approved-At: Thu, 03 Jan 2019 02:44:10 +0000 +Subject: Re: [bitcoin-dev] BIP39 seeds +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Wed, 02 Jan 2019 18:06:37 -0000 + +--000000000000aecebe057e7d812e +Content-Type: text/plain; charset="UTF-8" + +On Wed, Jan 2, 2019 at 3:40 AM Alan Evans via bitcoin-dev < +bitcoin-dev@lists.linuxfoundation.org> wrote: + +> +> I think any method that doesn't use real entropy, but some fake source of +> randomness, such as a book is asking to be hacked and so is not a +> reasonable idea. +> +> If an algorithm for book text to BIP39 sentence ever became well used, +> common books will be systematically searched for accounts. People will also +> choose their favourite passages, so I would expect to see collisions. +> +> +I tend to have this conversation a lot ;) I'm not sure what Aymeric has in +mind, but my suggestions are for use by the small few who properly +understand how these things work. I am not suggesting blockchain.info +require every user to choose a book passage to use as their backup phrase! + +There are so many small things that could be done to make a text input +unique. Choose the X number of words from the start of the Nth sentence. +Replace all punctuation with exclamation points. Combine two sentences from +different pages. It would be nigh impossible to brute force any of these, +and would require hints/instructions from the owner to recover. + +But I admit if this is not intended for standardization, discussing it on +this mailing list is probably unwarranted. + +--000000000000aecebe057e7d812e +Content-Type: text/html; charset="UTF-8" +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"ltr"><div class=3D"gmail_quote"><div dir=3D"ltr">On Wed, Jan 2,= + 2019 at 3:40 AM Alan Evans via bitcoin-dev <<a href=3D"mailto:bitcoin-d= +ev@lists.linuxfoundation.org">bitcoin-dev@lists.linuxfoundation.org</a>>= + wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px = +0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir= +=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><br></div><div>I think any = +method that doesn't use real entropy, but some fake source of randomnes= +s, such as a book is asking to be hacked and so is not a reasonable idea.</= +div><div><br></div><div>If an algorithm for book text to BIP39 sentence=C2= +=A0ever became well used, common books will be systematically searched for = +accounts. People will also choose their favourite passages, so I would expe= +ct to see collisions.</div><div><br></div></div></div></div></blockquote><d= +iv><br></div><div>I tend to have this conversation a lot ;) I'm not sur= +e what Aymeric has in mind, but my suggestions are for use by the small few= + who properly understand how these things work. I am not suggesting <a href= +=3D"http://blockchain.info">blockchain.info</a> require every user to choos= +e a book passage to use as their backup phrase!</div><div><br></div><div>Th= +ere are so many small things that could be done to make a text input unique= +. Choose the X number of words from the start of the Nth sentence. Replace = +all punctuation with exclamation points. Combine two sentences from differe= +nt pages. It would be nigh impossible to brute force any of these, and woul= +d require hints/instructions from the owner to recover.</div><div><br></div= +><div>But I admit if this is not intended for standardization, discussing i= +t on this mailing list is probably unwarranted.</div></div></div> + +--000000000000aecebe057e7d812e-- + |