4d/b8f0b99af50a21e7ac2f0ff6366c54ef190bc0


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <stick@gk2.sk>) id 1WNphd-0006C7-Oj
	for bitcoin-development@lists.sourceforge.net;
	Wed, 12 Mar 2014 20:24:37 +0000
X-ACL-Warn: 
Received: from mail-ee0-f54.google.com ([74.125.83.54])
	by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WNphc-0004NS-Ah
	for bitcoin-development@lists.sourceforge.net;
	Wed, 12 Mar 2014 20:24:37 +0000
Received: by mail-ee0-f54.google.com with SMTP id d49so13331eek.41
	for <bitcoin-development@lists.sourceforge.net>;
	Wed, 12 Mar 2014 13:24:30 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
	:cc:subject:references:in-reply-to:content-type
	:content-transfer-encoding;
	bh=nEGxmaD1eutc21a8RWHK8tQ0JYX6QxSyDL5nHUosDsw=;
	b=ajEsDHu7/kiGLR9ykg8U+jU6Czq5f/QwQKiX5vXugd6+E8awpQjpywCZRkXB5vrVbo
	U5HuaQ2RxbTc964UtQ4mUwjOmkavuWfBTmDPXNt5cBR1nDRh8gDwrI0NVCzt2C0Vg72D
	ZLVSY9Z3FetlGjhko7f8m00WVl+fj1gyEErJspEE+/NnuZWVUAk7FF3GJPrx/+C7nXhi
	tlBtmW66X6Z0so8f4qJORrp6KrGcCKivhOKItn8yFdUQaU0frxVT0Qp/pCihWQhRFpxG
	tzIJHpjTO2Zgvxiuy9NPnRyonn2JCVkolAPxpMyyYm56Wa2T4G7QqliFWejbA1Ul2a/8
	LT8A==
X-Gm-Message-State: ALoCoQlqQpA7hU07qnhJFdSslMRVaJE4rPwBuVbq0Pnn9i5uPhTR2XT2jXFjsvKkNqiWLlHeSjag
X-Received: by 10.15.91.77 with SMTP id r53mr5816269eez.70.1394655870009;
	Wed, 12 Mar 2014 13:24:30 -0700 (PDT)
Received: from tetra.site (nat-0-15.lam.cz. [80.92.242.254])
	by mx.google.com with ESMTPSA id y51sm73838733eeu.0.2014.03.12.13.24.28
	for <multiple recipients>
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Wed, 12 Mar 2014 13:24:28 -0700 (PDT)
Message-ID: <5320C27B.8090205@gk2.sk>
Date: Wed, 12 Mar 2014 21:24:27 +0100
From: Pavol Rusnak <stick@gk2.sk>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: William Yager <will.yager@gmail.com>
References: <44fcb02b-3784-45a6-816a-312c78d940cd@me.com>	<5320B7F1.8060701@gk2.sk>	<CAG8oi1M_jnn9vzHjN5h+0x-dYEKudgJ-DEqOKrdv-sCDaFV3NA@mail.gmail.com>	<5320BDD1.50001@gk2.sk>
	<CAG8oi1PhrmCqciECGKNa+DPp3Q_NrHP=79xxzOTkCJ655b4HXg@mail.gmail.com>
In-Reply-To: <CAG8oi1PhrmCqciECGKNa+DPp3Q_NrHP=79xxzOTkCJ655b4HXg@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
X-Headers-End: 1WNphc-0004NS-Ah
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] [RFC] Proposal: Base58 encoded HD Wallet
 root key with optional encryption
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 20:24:37 -0000

On 03/12/2014 09:10 PM, William Yager wrote:
> implement this is to allow semi-trusted devices (like desktop PCs) to do
> all the "heavy lifting". The way the spec is defined, it is easy to have a
> more powerful device do all the tough key stretching work without
> significantly compromising the security of the wallet.

By disclosing "preH" to compromised computer (between steps 4 and 5) you
make further steps 5-9 quite less important.

Too bad you started to work on spec just recently. :-/

-- 
Best Regards / S pozdravom,

Pavol Rusnak <stick@gk2.sk>