📅 Original date posted:2014-03-12
📝 Original message:On Wed, Mar 12, 2014 at 3:42 PM, Pavol Rusnak <stick at gk2.sk> wrote:
> On 03/12/2014 09:37 PM, William Yager wrote:
> > (that group of people includes me), PBKDF2-HMAC-SHA512 is very easy to
> > implement even on devices that only have a few kB of RAM, and even though
> > our number of rounds is very aggressive (2^16 and 2^21), it will still
> run
> > in reasonable time even on very slow embedded ARM processors.
>
> To give you some numbers: TREZOR (120MHz ARM) does 1024 rounds of
> PBKDF2-HMAC-SHA512 in around 1 second.
>
> So 2^16 is around one minute, 2^21 is around half an hour.
>
>
Precisely. And since the target of this BIP is generally storage wallets
(just like BIP 0038), we figured these were reasonable time scales for
encryption/decryption on slow devices.
Let's say you're implementing a Raspberry Pi based cold wallet printer.
Having the user wait 10 seconds to several minutes is not unreasonable for
a one-time activity, especially when at least this much time is used to
generate entropy, print the wallet, etc.
The same goes for phones. If you're importing a heavily encrypted wallet
into your device, the user won't mind waiting a few seconds or even a few
minutes.
Plus, as an added bonus, the amount of time it will take to encrypt/decrypt
is highly deterministic, so it's easy to add a nice progress bar to a UI.
Will
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140312/4bd9b204/attachment.html>;
William Yager [ARCHIVE] /
npub1mt…qzgqk
2023-06-07 15:15:17
in reply to nevent1q…acc2
Author Public Key
npub1mtzsyxnmqze93rehd90508tdg7k4mwktknmtamqam55446tkaq7qnqzgqkSeen on
wss://relay.nostr.bandPublished at
2023-06-07 15:15:17Event JSON
{
"id": "2969043d5d55e0b3bd586f53f62090397fc03ad421340749eab267a8becfd7d5",
"pubkey": "dac5021a7b00b2588f37695f479d6d47ad5dbacbb4f6beec1ddd295ae976e83c",
"created_at": 1686150917,
"kind": 1,
"tags": [
[
"e",
"e2b06c13dda090fd765a6fae17847c84821995c150a37c86a1dca89140911552",
"",
"root"
],
[
"e",
"32ef2e810d90c6f8e921d88510accc02730d38188b810070b751a957de97972d",
"",
"reply"
],
[
"p",
"7631397e469f47f3535567311f5f7c17129e0ff2cb253df015e3d92ddfd92c63"
]
],
"content": "📅 Original date posted:2014-03-12\n📝 Original message:On Wed, Mar 12, 2014 at 3:42 PM, Pavol Rusnak \u003cstick at gk2.sk\u003e wrote:\n\n\u003e On 03/12/2014 09:37 PM, William Yager wrote:\n\u003e \u003e (that group of people includes me), PBKDF2-HMAC-SHA512 is very easy to\n\u003e \u003e implement even on devices that only have a few kB of RAM, and even though\n\u003e \u003e our number of rounds is very aggressive (2^16 and 2^21), it will still\n\u003e run\n\u003e \u003e in reasonable time even on very slow embedded ARM processors.\n\u003e\n\u003e To give you some numbers: TREZOR (120MHz ARM) does 1024 rounds of\n\u003e PBKDF2-HMAC-SHA512 in around 1 second.\n\u003e\n\u003e So 2^16 is around one minute, 2^21 is around half an hour.\n\u003e\n\u003e\nPrecisely. And since the target of this BIP is generally storage wallets\n(just like BIP 0038), we figured these were reasonable time scales for\nencryption/decryption on slow devices.\n\nLet's say you're implementing a Raspberry Pi based cold wallet printer.\nHaving the user wait 10 seconds to several minutes is not unreasonable for\na one-time activity, especially when at least this much time is used to\ngenerate entropy, print the wallet, etc.\n\nThe same goes for phones. If you're importing a heavily encrypted wallet\ninto your device, the user won't mind waiting a few seconds or even a few\nminutes.\n\nPlus, as an added bonus, the amount of time it will take to encrypt/decrypt\nis highly deterministic, so it's easy to add a nice progress bar to a UI.\n\nWill\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140312/4bd9b204/attachment.html\u003e",
"sig": "a9a130f3f8b19f6b0716f23d5b10f376fcd3f99fb63e81932a8dc26c35a529609b9e91c58c67eac6c181529e5b22bd7dae31777605955669140251aa54300a8f"
}