diff options
| author | Jochen Hoenicke <hoenicke@gmail.com> | 2016-07-27 10:39:36 +0000 |
|---|---|---|
| committer | bitcoindev <bitcoindev@gnusha.org> | 2016-07-27 10:39:48 +0000 |
| commit | 8db2d4744ce29d14c61e5f3508bcd60d2d41cbae (patch) | |
| tree | 2de83987bfb773bc25439520f59ad3c1ac338e16 /c0 | |
| parent | 13e3cae085dccd524f49e5a3056ad58370c0fc59 (diff) | |
| download | pi-bitcoindev-8db2d4744ce29d14c61e5f3508bcd60d2d41cbae.tar.gz pi-bitcoindev-8db2d4744ce29d14c61e5f3508bcd60d2d41cbae.zip | |
Re: [bitcoin-dev] BIP proposal: derived mnemonics
Diffstat (limited to 'c0')
| -rw-r--r-- | c0/9609edbc79a777dd42195d24411465b17f8b16 | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/c0/9609edbc79a777dd42195d24411465b17f8b16 b/c0/9609edbc79a777dd42195d24411465b17f8b16 new file mode 100644 index 000000000..a4d5aa5ec --- /dev/null +++ b/c0/9609edbc79a777dd42195d24411465b17f8b16 @@ -0,0 +1,120 @@ +Return-Path: <hoenicke@gmail.com> +Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org + [172.17.192.35]) + by mail.linuxfoundation.org (Postfix) with ESMTPS id 3D2008D7 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 27 Jul 2016 10:39:48 +0000 (UTC) +X-Greylist: whitelisted by SQLgrey-1.7.6 +Received: from mail-wm0-f43.google.com (mail-wm0-f43.google.com [74.125.82.43]) + by smtp1.linuxfoundation.org (Postfix) with ESMTPS id A069716F + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 27 Jul 2016 10:39:47 +0000 (UTC) +Received: by mail-wm0-f43.google.com with SMTP id q128so206871295wma.1 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 27 Jul 2016 03:39:47 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=mime-version:references:in-reply-to:from:date:message-id:subject:to; + bh=/zXC+SXka1qGvojD79TqHlpXb4he5d8bL/LwmvlmxTg=; + b=VmXROPVtsTmGNezSbLi3MK70bpk5sOFBqqX0yHvUfzIurgNfttbeet5Qb4NsxI/Jq+ + MkisNa4vSWlysXhyWWnQ232et1MlfJmoUT3nFyHjTF0vKA4RRW7VaqI8l8lrUYx/qTV6 + gYKwKoeDZJ3ZnclZ4sTVZ62H6UvtmU1893m8rFzNk/7Kom7pMq6KNm9R8UpgkhueDodX + TpWNuqAdwZoNotv64WyPUYps8eoSBcjAMwqmQ7288vzjr/0jKKzVCspa8eKAlyxAhX0T + y04xQkKlR1Yt7CbWQj5ptXf0/hzplMY9vyMqv2fiknKV1x4RRPdlBtkvXTF+5gDxSeje + 6oaA== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20130820; + h=x-gm-message-state:mime-version:references:in-reply-to:from:date + :message-id:subject:to; + bh=/zXC+SXka1qGvojD79TqHlpXb4he5d8bL/LwmvlmxTg=; + b=R8YF/mzhSpLVpXGG8aKYvncxGOrK7cNuZ/9IU51rvkLAqZEwXSjASTn122d8GXhhR5 + lNSvHkeh0n1+B1969LGAl50t8XtGWtR+F7JPXRMhESCBygNmKYCLj/uIqpUUPG5PPyru + C4BCb/lqBfrwxeBah1sqKYA0cpPTCHDuL1bTrXmfCqMyGSFAFwOojz7i6rP4cFrMkls3 + 63/kaIwiMMCrRE0AE7sHKOqKZ8qpN0VG9OUWGumhVYRNMd9iyFFD6Gpo0DeT715pY8dK + ThtBkeX0TPGWlIPN0OOD+dtBwkQjERTMfrE5NmzLEx9HkG82fF3p5JO4JBuvdN/d/T3F + fr2Q== +X-Gm-Message-State: AEkoouujKkGOSKBbZTK2nTcYuisjgsTWKqWXOtpCo2Se8gBrOQA5yeywwA3krZGSvCp0oxvVgXwIfbhd9H9qxw== +X-Received: by 10.194.58.112 with SMTP id p16mr27285683wjq.24.1469615986068; + Wed, 27 Jul 2016 03:39:46 -0700 (PDT) +MIME-Version: 1.0 +References: <5797AC88.8030507@gmail.com> <5797C3A7.5030600@jonasschnelli.ch> +In-Reply-To: <5797C3A7.5030600@jonasschnelli.ch> +From: Jochen Hoenicke <hoenicke@gmail.com> +Date: Wed, 27 Jul 2016 10:39:36 +0000 +Message-ID: <CANYHNmLot1+-LbisfrPRtgDPnofD7bnQ3By_pgT2RFvLHRm7Hg@mail.gmail.com> +To: Jonas Schnelli <dev@jonasschnelli.ch>, + Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org> +Content-Type: multipart/alternative; boundary=047d7ba97076ce52c405389ba272 +X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW + autolearn=ham version=3.3.1 +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on + smtp1.linux-foundation.org +Subject: Re: [bitcoin-dev] BIP proposal: derived mnemonics +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Wed, 27 Jul 2016 10:39:48 -0000 + +--047d7ba97076ce52c405389ba272 +Content-Type: text/plain; charset=UTF-8 + +Jonas Schnelli via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> +schrieb am Di., 26. Juli 2016 um 22:10 Uhr: + +> Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I +> personally consider "not enough" to protect a serious amount of funds. +> +> +But what are the alternatives? Put an expensive processor and a decent +amount of memory in every hardware wallet to support scrypt? Use a million +iterations and just wait 10 minutes after entering you passphrase? Or +compute the secret key on your online computer instead? + +Also, how many iterations are secure? A million? Then just add two random +lower-case letters to the end of your passphrase and you have a better +protection with 2048 iterations. If you want to be able to use your +passphrase with cheap hardware and be protected against a high-end computer +with multiple GPUs that is almost a mllion times faster, then you have to +choose a good passphrase. Or just make sure nobody steals your seed; it is +not a brainwallet that is only protected by the passphrase after all. + +Regards, + Jochen + +--047d7ba97076ce52c405389ba272 +Content-Type: text/html; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"ltr"><div class=3D"gmail_quote"><div dir=3D"ltr">Jonas Schnelli= + via bitcoin-dev <<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.or= +g">bitcoin-dev@lists.linuxfoundation.org</a>> schrieb am Di., 26. Juli 2= +016 um 22:10=C2=A0Uhr:<br></div><blockquote class=3D"gmail_quote" style=3D"= +margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Side-note: B= +ip39 does still use PBKDF2 with 2048 iterations which I<br> +personally consider "not enough" to protect a serious amount of f= +unds.<br><br></blockquote><div><br></div><div><span style=3D"line-height:1.= +5">But what are the alternatives?=C2=A0 Put an expensive processor and a de= +cent amount of memory in every hardware wallet to support scrypt?=C2=A0 Use= + a million iterations and just wait 10 minutes after entering you passphras= +e?=C2=A0 Or compute the secret key on your online computer instead?</span><= +br></div><div><br></div><div><div>Also, how many iterations are secure?=C2= +=A0 A million?=C2=A0 Then just add two random lower-case letters to the end= + of your passphrase and you have a better protection with 2048 iterations.= +=C2=A0<span style=3D"line-height:1.5">If you want to be able to use your pa= +ssphrase with cheap hardware and be protected against a high-end computer w= +ith multiple GPUs that is almost a mllion times faster, then you have to ch= +oose a good passphrase.=C2=A0 Or just make sure nobody steals your seed; it= + is not a brainwallet that is only protected by the passphrase after all.</= +span></div></div><div><br></div><div>Regards,</div><div>=C2=A0 Jochen</div>= +<div><br></div></div></div> + +--047d7ba97076ce52c405389ba272-- + |