From: CryptAxe
Date: Wed, 17 Jan 2018 17:14:51 -0800
To: Weiwu Zhang, Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist

Why wouldn't they just test the frequency of words from the wordlist in entirety?

On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" <bitcoin-dev@lists.linuxfoundation.org> wrote:

> 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org>:
> > After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
> > I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
>
> If a malicious third party discovers a word list that looks like a
> seed, they would try using it as Bitcoin seed first anyway, with or
> without finding the word 'satoshi' in it. The security threat is that
> a malicious third party may index what they found and test every
> occurrence of 'satoshi' for a lead to a seed.
>
> For example, a hard-disk recycling service would add this word to
> their salvage tools. Any successfully hacked gmail account will be
> 'satoshi' tested too.
>
> So I see this as a reasonable improvement:)