1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
Return-Path: <jenslewis0xfffaaa@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 9685A1060
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 9 Jan 2018 12:45:08 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-lf0-f65.google.com (mail-lf0-f65.google.com
[209.85.215.65])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5CCB8A3
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 9 Jan 2018 12:45:07 +0000 (UTC)
Received: by mail-lf0-f65.google.com with SMTP id z124so5365856lfd.10
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 09 Jan 2018 04:45:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=subject:to:references:from:message-id:date:user-agent:mime-version
:in-reply-to:content-language;
bh=yW8Rs/Vv2rGOaAjd81NpUbmR4gW3lBTg6ahJfNekq58=;
b=fuhQpgXkOs1mnQtJe2SE0h15DyH5lRflgNezv1v2JiuuJEet6cBnpPR6fbn3Ny21VM
/hIvCMRDfh4/eL+KXQaMMd8I2MefXSsiVvotJ6N4cPpzUTU/2JkNMP82LfktT7sT3ory
EQM5+hStnTYtaYOxnfRtgPHsXsIQTdDPKqYb3Qz/sm/ozp6+/VUDJvDNT6/bJBoNke/+
flyFqtk74fczQK6ItyhM5cG0/XEZwEu62jSFCaPL867AgC8IRCx8tWk5KWRWENITvlZC
VOXEZ7xYV5YBzdzv/RBf65TfmZF+bpTHXJ5lmVLppBGdFu0XYy7ZhbBXhzQWWmQ2VXxV
ahug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:subject:to:references:from:message-id:date
:user-agent:mime-version:in-reply-to:content-language;
bh=yW8Rs/Vv2rGOaAjd81NpUbmR4gW3lBTg6ahJfNekq58=;
b=iPLzmIvsT4Af9F8uQW0JqPpVNdP0pQJh4pUxT5E7F2EpdUFlTm4a/5R9NsV19p8uX+
kaCm7WoTQuwOpGTipERxjYFO/jIAJHa4Llz1SFIdDZBbG2u438CoKxRIVUVeC3ILAy0A
gqrH8eJmSIw2S+rIoaRpJYXEwl03GqrLGWCs0sjlh/9m3TLurHOsgmzVqAmrMxZ5jOH+
yCULlS5FRaHgVmIVpOw4w8VnYXLmOr9pL/6XPdpMk6X/5kKiZRRTvO3rJq6mFYmgxD0y
WqW+4MDteECA3NQn3UGTWydojC2dImpZJhPnsV70DTrqaaMhOFHA/wONUgNOpCu70l1l
m2EQ==
X-Gm-Message-State: AKGB3mL3ufXeGYQOvTaS0cGYGgNSraebhXafwG56oKiav43TvspAaOXM
gW+9IoKxbz5dvNOWHk9k2DsQC5FH
X-Google-Smtp-Source: ACJfBosQZhbPHwiVCayIUpM06kSF1zoIaGN6cPdIaq00qY1u45wfWfHlPE0dBxmUborSyPz1dkW38g==
X-Received: by 10.46.8.89 with SMTP id g25mr8897760ljd.6.1515501905796;
Tue, 09 Jan 2018 04:45:05 -0800 (PST)
Received: from [10.101.2.87] ([176.12.107.140])
by smtp.gmail.com with ESMTPSA id a71sm2844390ljf.6.2018.01.09.04.45.02
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 09 Jan 2018 04:45:05 -0800 (PST)
To: Peter Todd <pete@petertodd.org>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
Rhavar <rhavar@protonmail.com>
References: <CAAS2fgR-or=zksQ929Muvgr=sgzNSugGp669ZWYC6YkvEG=H5w@mail.gmail.com>
<ae570ccf-3a2c-a11c-57fa-6dad78cfb1a5@satoshilabs.com>
<CAAS2fgRQvpa8VXE8YAYSfugDvCu=1+5ANsGk1V_OXtHPGD=Ltw@mail.gmail.com>
<vJsDz9YdeNQQ_PZRf5HP1W0FmcWyKHIuwN9QeNgN-WXCdQcRmXLtkQ3wfTO7YUCgG6AFgOkKeU6fdsGTKkGcnk-_OOY_jyNlfWkFQ31d2ZU=@protonmail.com>
<20180109011335.GA22039@savin.petertodd.org>
From: jens <jenslewis0xfffaaa@gmail.com>
Message-ID: <29ef320d-e758-e00b-1be2-c1eae43de167@gmail.com>
Date: Tue, 9 Jan 2018 12:44:56 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <20180109011335.GA22039@savin.petertodd.org>
Content-Type: multipart/alternative;
boundary="------------9002E91FDADF57706D05E192"
Content-Language: en-US
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Tue, 09 Jan 2018 15:11:47 +0000
Subject: Re: [bitcoin-dev] Satoshilabs secret shared private key scheme
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jan 2018 12:45:08 -0000
This is a multi-part message in MIME format.
--------------9002E91FDADF57706D05E192
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
> Trezor's "plausible deniability" scheme could very well result in you going to
> jail for lying to border security, because it's so easy for them to simply
> brute force alternate passwords based on your seeds. With that, they have proof
> that you lied to customs, a serious offense.
The passphrase scheme as I understand it allows a maximum of 50
characters to be used. Surely even with the HD seed, that search space
is too large to brute force. Or is there a weakness in the scheme I
haven't clocked?
On 09/01/18 01:13, Peter Todd via bitcoin-dev wrote:
> On Mon, Jan 08, 2018 at 07:40:38PM -0500, Rhavar via bitcoin-dev wrote:
>> I think you're under-appreciating how useful the "plausible deniability". Someone I know was (solo) traveling to the United States when a border agent asked her to unlocked her phone; thumbed through her apps, ended up finding tinder and went through all her recent conversations to make sure she wasn't involved in any "pay for sex things".
>>
>> In the same light, I travel frequently and constantly have my trezor on me. If I am asked to unlock it, I will have no problems doing so (as refusal will no doubt lead to deportation) and showing my personal wallet (which sadly hasn't had much use since fees became ridiculous).
> Trezor's "plausible deniability" scheme could very well result in you going to
> jail for lying to border security, because it's so easy for them to simply
> brute force alternate passwords based on your seeds. With that, they have proof
> that you lied to customs, a serious offense.
>
> I would strongly advise you not to use it in that situation.
>
>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
--------------9002E91FDADF57706D05E192
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><br>
</p>
<blockquote type="cite"
cite="mid:20180109011335.GA22039@savin.petertodd.org">
<pre wrap="">Trezor's "plausible deniability" scheme could very well result in you going to
jail for lying to border security, because it's so easy for them to simply
brute force alternate passwords based on your seeds. With that, they have proof
that you lied to customs, a serious offense.
</pre>
</blockquote>
The passphrase scheme as I understand it allows a maximum of 50
characters to be used. Surely even with the HD seed, that search
space is too large to brute force. Or is there a weakness in the
scheme I haven't clocked? <br>
<br>
<div class="moz-cite-prefix">On 09/01/18 01:13, Peter Todd via
bitcoin-dev wrote:<br>
</div>
<blockquote type="cite"
cite="mid:20180109011335.GA22039@savin.petertodd.org">
<pre wrap="">On Mon, Jan 08, 2018 at 07:40:38PM -0500, Rhavar via bitcoin-dev wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I think you're under-appreciating how useful the "plausible deniability". Someone I know was (solo) traveling to the United States when a border agent asked her to unlocked her phone; thumbed through her apps, ended up finding tinder and went through all her recent conversations to make sure she wasn't involved in any "pay for sex things".
In the same light, I travel frequently and constantly have my trezor on me. If I am asked to unlock it, I will have no problems doing so (as refusal will no doubt lead to deportation) and showing my personal wallet (which sadly hasn't had much use since fees became ridiculous).
</pre>
</blockquote>
<pre wrap="">
Trezor's "plausible deniability" scheme could very well result in you going to
jail for lying to border security, because it's so easy for them to simply
brute force alternate passwords based on your seeds. With that, they have proof
that you lied to customs, a serious offense.
I would strongly advise you not to use it in that situation.
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
bitcoin-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.linuxfoundation.org</a>
<a class="moz-txt-link-freetext" href="https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev">https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>
--------------9002E91FDADF57706D05E192--
|
