š
Original date posted:2014-01-24
š Original message:On Tue, Jan 21, 2014 at 01:00:43AM +0100, Thomas Voegtlin wrote:
> Hi slush,
>
> Thank you for your new proposal; it seems to be a compromise.
>
> @Christophe Biocca:
> If the wordlist becomes part of the standard, then we will run into
> problems of collisions once users ask for wordlists in every language.
>
> IMO the right approach is to implement checksums that do not depend
> on the wordlist (eg the 'brute force' method, Hash(mnemonic||1) mod
> 2^k == 0 )
> this would also allow us to implement sipa's variable stretching proposal.
>
> I understand this is not possible because of the computational
> requirements of devices such as trezor.
Is it? Surely the trezor can bruteforce, say, 8 bits == 0. How many
SHA256/sec can the trezor hardware do? Generating your seed is a
one-time thing after all - that taking 10-30s doesn't seem like a big
deal to me.
Even a 1/256th "checksum" will really cut down on the number of mistakes
made and money lost.
--
'peter'[:-1]@petertodd.org
0000000000000001d8b9d438c18e856735ddae5b1d918416010350d19794aab6
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 685 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140124/e8ceffc8/attachment.sig>;
Peter Todd [ARCHIVE] /
npub1m2ā¦a2np2
2023-06-07 15:12:24
in reply to nevent1qā¦q240
Author Public Key
npub1m230cem2yh3mtdzkg32qhj73uytgkyg5ylxsu083n3tpjnajxx4qqa2np2Published at
2023-06-07 15:12:24Event JSON
{
"id": "5f88bbd4b085a7b8d3410ad4d0145860c87d424b6be5760f259c71027cdb5ad8",
"pubkey": "daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa",
"created_at": 1686150744,
"kind": 1,
"tags": [
[
"e",
"fc93117f98479f5d69e7743f0323a5e1a0e6bc3324ce5260981ec55279ad31dc",
"",
"root"
],
[
"e",
"2b73dc2b9a91cbd27bb2bd27a77e8c1ef36f89b9f1ea06b09f3178a09e41e0e9",
"",
"reply"
],
[
"p",
"7a4ba40070e54012212867182c66beef592603fe7c7284b72ffaafce9da20c05"
]
],
"content": "š
Original date posted:2014-01-24\nš Original message:On Tue, Jan 21, 2014 at 01:00:43AM +0100, Thomas Voegtlin wrote:\n\u003e Hi slush,\n\u003e \n\u003e Thank you for your new proposal; it seems to be a compromise.\n\u003e \n\u003e @Christophe Biocca:\n\u003e If the wordlist becomes part of the standard, then we will run into\n\u003e problems of collisions once users ask for wordlists in every language.\n\u003e \n\u003e IMO the right approach is to implement checksums that do not depend\n\u003e on the wordlist (eg the 'brute force' method, Hash(mnemonic||1) mod\n\u003e 2^k == 0 )\n\u003e this would also allow us to implement sipa's variable stretching proposal.\n\u003e \n\u003e I understand this is not possible because of the computational\n\u003e requirements of devices such as trezor.\n\nIs it? Surely the trezor can bruteforce, say, 8 bits == 0. How many\nSHA256/sec can the trezor hardware do? Generating your seed is a\none-time thing after all - that taking 10-30s doesn't seem like a big\ndeal to me.\n\nEven a 1/256th \"checksum\" will really cut down on the number of mistakes\nmade and money lost.\n\n-- \n'peter'[:-1]@petertodd.org\n0000000000000001d8b9d438c18e856735ddae5b1d918416010350d19794aab6\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 685 bytes\nDesc: Digital signature\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140124/e8ceffc8/attachment.sig\u003e",
"sig": "9ba400014e2ff3f6a702dd3929396ece55094c6a1c415669c4661528d3f7cfeeb4a19dbad37622c3aa7298683007d986c4d5302beadee4853013cc7af5b02d01"
}