📅 Original date posted: 2021-05-08
📝 Original message: Hi,
I'd like to submit an idea for review, as a potential informational BIP
(Bitcoin Improvement Proposal), describing an optional method of producing
a BIP39 passphrase, using only BIP39 'mnemonic' seed words.
The idea specifically refers to a method of introducing two-factor
authentication, to protect a Bitcoin wallet using only 24 seed words, and
therefore, providing plausible deniability about the existence of this
separate 2nd layer passphrase.
I've suggested the name 'quantum' passphrase to be used casually as a
unique identifier.
The data stored within a 'quantum' passphrase, is simultaneously the
minimum required data for reproducing a BIP39-compatible 24-word seed
mnemonic... hence, the name 'quantum' seems fitting, to reflect the
multiple simultaneous states of data.
Abstract...
This improvement proposal describes the use of twenty four, newly generated
BIP39 seed words, to produce a '25th-word' BIP39-compatible 'quantum'
passphrase.
Two-factor authentication (2FA) or (2 of 2 multi-signature) can be
implemented with a two-wallet setup:
The 1st Bitcoin wallet is protected by the seed words of the 2nd Bitcoin
wallet; inversely, the 2nd Bitcoin wallet is protected by the seed words of
the 1st Bitcoin wallet.
The 'quantum' passphrase offers an exponential increase in the level of
protection, as that offered by the original BIP39 mnemonic seed words
(≈2048^23 possible combinations).
i.e. A Bitcoin wallet with a 2nd layer 'quantum' passphrase is protected by
2048^23 to the power of 2048^23 possible combinations.
With existing computer capabilities, this level of protection is far
greater than required; however, this does provide a sufficient level of
protection for each separate layer of a two-factor Bitcoin wallet, should
any one layer be accidentally exposed.
This method of passphrase generation, consists of two parts:
1st - generating the BIP39 mnemonic seed words, using a BIP39-compatible
hardware wallet.
2nd - Converting these seed words into the 'quantum' passphrase, following
four simple rules, which most importantly, do not destroy the integrity of
the initial data.
Motivation...
The well established practice of preserving up to 24 seed words for the
purpose of reproduction of a Bitcoin wallet, suffers from a major flaw...
Exposure of these mnemonic seed words can cause catastrophic loss of funds
without adequate multi-factor protection.
Whilst it is recognised that a number of multi-factor solutions are
available (including the standard BIP39 passphrase, and hardware wallet
multi-signature functionality), this proposal aims to provide an extremely
safe and secure 'low-tech' option, that requires minimal (non-destructive)
adjustments to the seed words.
Furthermore, the 'quantum' passphrase offers a number of advantages over the
existing methods of multi-factor protection:
Firstly, this method of creating a passphrase leaves no evidence of its
existence on any backup devices, providing plausible deniability in case of
coercion.
This is because the passphrase is easily created from a genuine 24 seed
word mnemonic; therefore, the physical backup of the passphrase can be
disguised as a simple Bitcoin wallet on a metal backup plate.
It presents a way of discouraging user-created words or sentences (also
known as 'brain-wallets'), which often provide a drastically reduced level
of passphrase security, unbeknown to many users.
The large amount of data required to produce a 'quantum' passphrase (up to
96 characters long), encourages the physical backup of the passphrase.
Furthermore, the use of BIP39-only words provides a higher degree of
standardization, which can help to avoid potential mistakes made by
creating unnecessarily complicated combinations of letters, numbers and
symbols. Increased complication (disorderly, and non-human-friendly), does
not always equal increased complexity (orderly, and more human-friendly),
or increased security.
As previously mentioned, a two-wallet configuration provides the user an
opportunity to safely split the two factors of protection (equivalent to a
2 of 2 'multi-sig' setup).
If a BIP39-compatible passphrase is created using a new set of 24 seed
words, it provides 76 degrees of extra complexity (i.e. 1 with 76 zeros, or
10⁷⁶ possible combinations of words).
The strength of this 2nd factor solution, provides adequate
risk-management, when considering the production of multiple backup
devices, strategically stored in multiple geographical locations.
Generating the 'quantum' passphrase...
Following just four (non-destructive) BIP39-compatible rules, the 24 seed
words can also function as a 'quantum' passphrase:
1. Only BIP39 words
(Standard list of 2048 English words - other languages should be compatible)
2. Only the first four letters of each word
(BIP39 words require only this data for reproduction)
3. Only upper case letters
(All alphabet references use this standard format)
4. No spaces between words
(Spaces represent an additional unit of data, that is not recorded)
In essence, the 'quantum' passphrase is simply a single string of all 24
seed words, set out using the above rules.
I welcome a productive technical discussion.
Thanks,
Chris Johnston
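
The four rules above, written out as an added example (not code from the original post): an encoder plus a decoder that recovers the words from the unspaced string. The function names and `SAMPLE_WORDS`, a small subset of the BIP39 English list embedded so the block runs offline, are assumptions of this example; because three-letter words give three-letter tokens, the decoder tries both token lengths and returns every valid parse.

```python
# Added example, not from the original post. SAMPLE_WORDS is a small subset
# of the BIP39 English list; a real tool would load all 2048 words.
SAMPLE_WORDS = ("legal winner thank year wave sausage worth useful title "
                "add address ice rice").split()

# Constructed sample input: a 24-word mnemonic built from the subset above.
TEST_MNEMONIC = ("legal winner thank year wave sausage worth useful " * 2
                 + "legal winner thank year wave sausage worth title")

def to_passphrase(mnemonic, wordlist=SAMPLE_WORDS):
    """Rules 1-4: list words only, first four letters, upper case, no spaces."""
    words = mnemonic.lower().split()
    unknown = [w for w in words if w not in wordlist]
    if unknown:
        raise ValueError(f"not in word list: {unknown}")
    return "".join(w[:4].upper() for w in words)

def from_passphrase(passphrase, count, wordlist=SAMPLE_WORDS):
    """Return every sequence of `count` words that encodes to `passphrase`.

    Tokens are 3 or 4 letters long and unseparated, so the search backtracks
    over both lengths instead of slicing the string into fixed 4-char chunks.
    """
    by_prefix = {w[:4].upper(): w for w in wordlist}
    results = []

    def walk(pos, acc):
        if len(acc) == count:
            if pos == len(passphrase):
                results.append(" ".join(acc))
            return
        for size in (3, 4):
            token = passphrase[pos:pos + size]
            if len(token) == size and token in by_prefix:
                walk(pos + size, acc + [by_prefix[token]])

    walk(0, [])
    return results

if __name__ == "__main__":
    pp = to_passphrase(TEST_MNEMONIC)
    print(len(pp), pp)
    print(from_passphrase(pp, 24))
    # Constructed two-word input where a 3-letter word changes the parse.
    print(from_passphrase(to_passphrase("add rice"), 2))
```

On the constructed two-word input the decoder returns both `add rice` and `address ice`, so a recovery tool should collect every parse rather than stop at the first.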