1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
Return-Path: <vitteaymeric@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id DA8CDDCE
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Dec 2018 22:41:04 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com
[209.85.128.49])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4D6E47C
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Dec 2018 22:41:04 +0000 (UTC)
Received: by mail-wm1-f49.google.com with SMTP id r24so18167617wmh.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Dec 2018 14:41:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=subject:to:references:from:openpgp:autocrypt:message-id:date
:user-agent:mime-version:in-reply-to:content-transfer-encoding
:content-language;
bh=w/E9kYBCrVlhgfE8PBhgz18x2ZH7R8N3pMgRvFhJV9Y=;
b=PPvV3Uucn0J3MjEWWxiXMS8conWcFcyUX1C2Z2wnIafc5EHreEcbDLT+kFzpY4E/Pj
3J1qbQ8O5dmD1koT6L5rOa19x2e5BG926peGEAdVvpdsG9SoKmU1jcqr0/jIXAAIou2/
/5BjZNL3lJhuYXNOCoTRVBL6pvmPbjlLeiSjchZ06QdNTfSI4xsLNpM7s06ZnQqluL71
Z+ZBcb5nDh+MjBIYj9u9o+DMVWXqXXFgbgQlNgWbiISFS3bD6g8YMKq4blg828mPdbQ3
agFZYyInTSMalyA4i0yjUxraoJMh2c50Ygu1Y2DP6vggEaudaFzdA/AY5KqV7YEckJDS
oehQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt
:message-id:date:user-agent:mime-version:in-reply-to
:content-transfer-encoding:content-language;
bh=w/E9kYBCrVlhgfE8PBhgz18x2ZH7R8N3pMgRvFhJV9Y=;
b=GwZfETmZQtpvWrqoplTjPyI4HHlEVCKsK/Tr/zayKS2/Y93O0Qfxi34bf/Vs64X5Fz
9f7FSMNnd4MY11NUtgofgIDnv8P0D3TANQOGYp1B8XRV+ErkYuQBwLysEdlyZHkjVO1L
HkQMEKuyhHQOx4AlrkfOi2TvT+Ci8IjFisZ1KEfxmKtW2JgN5QvW95K8VLHSvOUp9OKd
RBTKoE/HNXLxtGS/rRDxT5GOkme3Jm/5hr5zLwIB/QfQvdrDrR1+UG5fpGWFrxbuNrf9
GnWrw9Xq+ixDvHQIzM7usAm0Y3uGvL2MGNFwyH0jGeXIK5us+1sV8KBP9FzQq/uZd/nW
I67Q==
X-Gm-Message-State: AJcUukfBNJmlPEA+3xI0A9v9ECWd0P3WYcErG+jKk41L8zE3vazruahQ
ycZEMzMfqvcWzx00f5dbqWuszJcO
X-Google-Smtp-Source: AFSGD/VvQehYq3Zn0G45JQ109pZkpSQmMJKgg01OmdXgJsUSJiyxHEaODJ2DbBCunu9VEgunYnh0fw==
X-Received: by 2002:a1c:8b09:: with SMTP id n9mr10223556wmd.38.1545604862522;
Sun, 23 Dec 2018 14:41:02 -0800 (PST)
Received: from [192.168.1.10] (lfbn-mar-1-620-214.w90-118.abo.wanadoo.fr.
[90.118.195.214]) by smtp.googlemail.com with ESMTPSA id
d16sm14058247wru.52.2018.12.23.14.41.01
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Sun, 23 Dec 2018 14:41:01 -0800 (PST)
To: Pavol Rusnak <stick@satoshilabs.com>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
References: <68330522-7e7c-c3b4-99a9-1c68ddb56f23@gmail.com>
<f2d73a92-e1c5-9072-e255-fa012a9f9d1b@satoshilabs.com>
From: Aymeric Vitte <vitteaymeric@gmail.com>
Openpgp: preference=signencrypt
Autocrypt: addr=vitteaymeric@gmail.com; prefer-encrypt=mutual; keydata=
mQINBFdW8uABEAC7HJScbB2d/lmYoY5Cn9loEjJwfLs1LC3om030bWFGiH3Ceo5XeHUT94rw
Pi+HaHU8ea94425SXIFsnqp/ouoT/8Ffn6vED0OoRmK0jE4fqDApXSpoL2mHX9PAGdUItMtD
YrxBiBZNfMkctEsm4NrQ4TCvB3Yrm6Fc69inXJjUoYgPw5tHafEeI8Qwh0j99JZZDKcAqIra
JF3MPc59rATz0qOJtRP9EpsPVFwjJe13zN6CHILwiVgrL8EtT5WKCVO6ATxh60LHi8+MwPxV
V31zp/NNI5Hck+XocEMO98ZvUu9X8ZxmnOk/+9pBxXEwUqSGUNWdmPJLncpI23Usce3u/MOo
M2C4T4rD4J0XrXiyBvbeTvwq4qVNlyggeWzlBH+YpEYgDctPq4gNh4eoTtAkf8URtBeke5bQ
CGdaZt/jxv8nvmxs9V/iSyg5ldJLQktHStXOo0OZ7FEB2C6Ggtymm4hm2MHYg07Q1MGJrFLa
oJZkJ3JeXnVsZMam7ypQtld6rRa96CvH+llXwux6aQ5hKdzmBBMQ10LlkZhkExgTawbeqdiG
RMP2DjD5go6TPdAHS4NN34SBkrTWLqgWOjN/lnG77bbLnpMl0P+xBTuqw1oSXaDbcdHE2nGY
lRno/ZZIfr+1Bq56DZLBX/WpnAT4f5WtofL4CxQM9SbG6byyewARAQABtCJBeW1lcmljIFZp
dHRlIDxheW1lcmljQHBlZXJzbS5jb20+iQI/BBMBCAApBQJXVvLgAhsjBQkJZgGABwsJCAcD
AgEGFQgCCQoLBBYCAwECHgECF4AACgkQKh17NCYnrDm3WhAAlYmgtSmtfqjBvQMqkmtqiQJA
aZkzFZWt6+zroduHH5/Tp8jh73gFqCUyRrl/kcKvs2+XQhfrOwk1R6OScF25bpnrZSeuyJnZ
MZu4T0P2tGS8YdddQvWUHMtI9ZnQRuYmuZT23/hgj1JnukuGvGLeY0yDUa1xFffPN39shp5X
FPMcpIVOV3bs+xjAdsyfRyO3qJAD1FGiR7ggJeoaxUbKZ6NtcVUPPRMjVTKfopkuDwKY318m
BE0epfxSZ/iRhsJ0/sREUWgbgq4/QvCFwBKzgz7fTikGmf8OELWSdofmXs7gOtmMc3el8fJu
W8PVa/OsIQHDmwSzvxmE8ba5M8bdwOYEraTWFArIymAAtRXKxmuYpkqKfeSlbCwae3W+pgNT
8nKYRVAFlMtIxYkmPYyMTk9kCscmSqugGWbWdnqe/dhVaa31xa1qO1tDH24D2/tjCJRQt4Jk
AEWNSmjCmjfeArMEFTGlZwMTAjVXErLSPbLOsZiZhD9sjvSbfzrtJiMli2h9+Dvds+AJk1PM
O8LW7cCNyFoCk4OdAxzJHobZ25G+uy4NSQEHgxLC2iuh/tugz1tOHnQczPc/3AkVVI9A5DF1
gbVRBJh6rI7sAcwuR76uoOs0Rpp7r6I66xqU/5eq8g1OsJp89tw0ppSIa0YmaxNqQZ0l3rVX
o/ZwpBjtNQS5Ag0EV1by4AEQANhlz3Ywff4dY1HTdn05v0wVUxZzW2PUih+96m6EhpUrD9BT
vxriKtbgxm/zl+5YAlThbrk9f0QyVTHJ95Z1/M5qjuksP9Zn3qZ/8ylANDkN2s3z8Bq/LJA+
u7+APhMqyFWK0FqNCOogClvijiKPEzkU6tmDGO6wZ5pR/u8Fdq7DGQgwgyGZZc7qstte0M7l
yx7bVRlPBqvd6kyX3YubQHzkctf46nFjiYZgKawdWFsA3PCdSBupbhixL5d/t1UK9ZTiQJcf
0uhHzT06qwolFrm/ugkLDHtE4Zo3BuKch47Sms8P2hJ08gABxeJHg0ZgkIUy/Xf4nHbDCBJw
T8tE8pWYWA2ECiPNo0TOCMVOueEzISUNKINfCuFHSbMQU39hgt3ofxODbAjOiO3e/iu1ptck
AkuVBdtjOBP4tHRGxVrbf5EuAV5U5xtiSxMwMgojg0GIXZjnT/8uvWqcLqtJILRMmmu+WNvD
oxuiJzcTJhDai9oujmxQwcpMvgrBB89KSTDyitO5XVjZqaR7Zxvvn3rM4bAms/lotv9+pTyh
spazTIxb80u0ifJ6y1RxAkxQCfWwps1i3VbsM6OKX78aUyOf5V4ihXF57M37tOqPRwFvz6a+
AIIhUNMTLo2H+o6Vw9qbX8SUxPHPs6YpJ8lWQJ9OMWHE+SbaDFAi/D5hYRubABEBAAGJAiUE
GAEIAA8FAldW8uACGwwFCQlmAYAACgkQKh17NCYnrDmk4Q/9Fuu0h5HvIiO3ieYA2StdE7hO
vv2THuesjJDsj6aQUTgknaxKptJogNe3dDyIT+FHxXmCw0Nrbm9Q3ryl80z/G9utfFNO3Gwc
q31QW3n3LJHnpqdrV3WsRzT5NwJMVtiIAGRrX8ZomtarWHT0PeEHC2xBdFzRrJtmkrwer0Wc
0nBzD7vk1XEXC9nODbmlgsesoHFgRwQBst3wClCbX1gv8aSfxQNpaf9UBC8DmyrQ621UXpBo
PvcFEtWxV44vJfP0WOLCCN0Pzv2F2I66iKo7VMqbr5jlNAXJN9I1hXb7qwYJmBC9j5oeEoqv
A9d44WWpxrdAr8qih4Nv89k9+9F6NoqORY3FGuVDKiW8CVhCmGT7bIvNeyicVBZFipXqPcKL
VFduO2c5Ubc2npMWLUF1k9JJc9tH75l3+F/0RbYVTzGAZ+zSaudwR6h8YiCN2DBZGZkJEZbh
3X/l6jtijMN/W9sPHyyKvm/TmeEC27S3TqZPZ8PUQLxZC70V6gMbenh01JdSQsn5t8Ru0RNh
Blt0g7IyZyIKCE9b+TyzbYpX6qgqEBUHia5b0vyPtQacWQlZ8uqnghAqNkLluEsy7Q/7xG6M
wXUYEDsFOmB9dKOzcAOIhpxlVjSKu5mzXJ11sEtE8nyF5NJ/riCA7FGcjlki3zIpzQUNo9v7
vXl2h6Tivlk=
Message-ID: <db184306-7ec0-322e-5637-7889b51f50bf@gmail.com>
Date: Sun, 23 Dec 2018 23:41:00 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:60.0) Gecko/20100101
Thunderbird/60.3.3
MIME-Version: 1.0
In-Reply-To: <f2d73a92-e1c5-9072-e255-fa012a9f9d1b@satoshilabs.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: fr
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Mon, 24 Dec 2018 14:47:55 +0000
Subject: Re: [bitcoin-dev] BIP39 seeds
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Dec 2018 22:41:05 -0000
Exactly
This is surprising, I would have expected the probabilities to be much
more lower
It just means that scanning whatever (secret) book, document, link, etc,
you will find easily BIP39 seeds, even of 24 words
So, it just means that you don't have to write your seed since you can
recover it that way, given a secret source and specific algo with custom
parameters, this could be used for plausible deniability also
For now I still dislike BIP39 and alike (because I don't see very well
why it's easier to write n words that you cannot choose rather than a
32B BIP32 hex seed, and I have seen many people completely lost with
their wallets because of this), but I could change my mind, and despite
of further improvements for this ratio, could what I am suggesting make
sense?
Le 23/12/2018 à 19:46, Pavol Rusnak a écrit :
> On 22/12/2018 00:58, Aymeric Vitte via bitcoin-dev wrote:
>> Has anybody already looked at this: given N randomly chosen words
>> belonging to a BIP39 2048 words dictionary, what is the probability to
>> get a "valid" BIP39 seed (ie with the right checksum)?
> 1:256 for 24 words
> 1:16 for 12 words
>
> This ratio is not too great and will be improved in the upcoming SLIP39
> standard: https://github.com/satoshilabs/slips/blob/master/slip-0039.md
>
|