Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 21190E3C for ; Mon, 8 Jan 2018 12:45:14 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail149082.authsmtp.co.uk (outmail149082.authsmtp.co.uk [62.13.149.82]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3B56B18A for ; Mon, 8 Jan 2018 12:45:12 +0000 (UTC) Received: from mail-c247.authsmtp.com (mail-c247.authsmtp.com [62.13.128.247]) by punt20.authsmtp.com. (8.15.2/8.15.2) with ESMTP id w08CjBnj031997; Mon, 8 Jan 2018 12:45:11 GMT (envelope-from pete@petertodd.org) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id w08Cj7ES002818 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 8 Jan 2018 12:45:08 GMT (envelope-from pete@petertodd.org) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 855844008C; Mon, 8 Jan 2018 12:45:07 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id DEC7A202FC; Mon, 8 Jan 2018 07:45:06 -0500 (EST) Date: Mon, 8 Jan 2018 07:45:06 -0500 From: Peter Todd To: Pavol Rusnak , Bitcoin Protocol Discussion Message-ID: <20180108124506.GA13858@savin.petertodd.org> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="ZGiS0Q5IWpPtfppv" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Server-Quench: c2a88fb6-f471-11e7-8106-0015176ca198 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdgoUElQaAgsB Am4bWlZeVFh7WWo7 bghPaBtcak9QXgdq T0pMXVMcUwVgckYG c30eUht6dg0Ifnd4 ZAgxXCFTVBIoc1sr RklVCGwHMGB9YGEf Vl1YdwJRcQRMLU5E Y1gxNiYHcQ5VPz4z GA41ejw8IwAXEy1J RRoNLFYbS11DBTM3 XR0eVS4vFFcIS20r NR04I0IRVEUcIw0p OlssXF9w X-Authentic-SMTP: 61633532353630.1038:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 52.5.185.120/25 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Satoshilabs secret shared private key scheme X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jan 2018 12:45:14 -0000 --ZGiS0Q5IWpPtfppv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jan 08, 2018 at 01:39:20PM +0100, Pavol Rusnak via bitcoin-dev wrot= e: > > The construction also > > will silently result in the user getting a different private key if > > they enter the wrong passphrase-- which could lead to funds loss. >=20 > Again, this is by design and it is main point why plausible deniability > is achieved both in BIP39 and SLIP39. If we used a different > construction we'd loose plausible deniability. Can you explain _exactly_ what scenario the "plausible deniability" feature refers to? --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --ZGiS0Q5IWpPtfppv Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJaU2fPAAoJECSBQD2l8JH7nzwIAIZcmG6oRP4DwaNzs8c01ZGk Fqa17SbU5P8Y9Y+yyN5jmMhLOjELTZXWauZTDViy2SCqp+peILAnylM639DCHYs2 wLNCOD1o4S5xTpmb1yaRPoSrkmbfqfFMQXNiaw86WhE+sU/srfXDEMqbxNs+bP+8 Xj514mtVDnUETFoWE2MHRVF5NE7mtkBLTBrar2ucdSYBuVEnm3Pp6MLnBbUvG5gl Egv/K9Dt5PMHnUgaUDOmIEI7isxCIVv6vwgx7or2iCZdHR3O7zTFK8pxzN2wmySi 2ZMam9sP09HjSIILhHzBW7CuiFqvknHfcsmWWQnDbYS+a1Z+yUZBFLzedxhSEGs= =Mi74 -----END PGP SIGNATURE----- --ZGiS0Q5IWpPtfppv--