📅 Original date posted:2016-07-27
📝 Original message:Jonas Schnelli via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
schrieb am Di., 26. Juli 2016 um 22:10 Uhr:
> Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I
> personally consider "not enough" to protect a serious amount of funds.
>
>
But what are the alternatives? Put an expensive processor and a decent
amount of memory in every hardware wallet to support scrypt? Use a million
iterations and just wait 10 minutes after entering you passphrase? Or
compute the secret key on your online computer instead?
Also, how many iterations are secure? A million? Then just add two random
lower-case letters to the end of your passphrase and you have a better
protection with 2048 iterations. If you want to be able to use your
passphrase with cheap hardware and be protected against a high-end computer
with multiple GPUs that is almost a mllion times faster, then you have to
choose a good passphrase. Or just make sure nobody steals your seed; it is
not a brainwallet that is only protected by the passphrase after all.
Regards,
Jochen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160727/6744055a/attachment.html>;
Jochen Hoenicke [ARCHIVE] /
npub1tu…dca6f
2023-06-07 17:52:02
in reply to nevent1q…vfmv
Author Public Key
npub1tue9u2scw5pe77vn4fz0464zz0387gm0zwy2zjhqg2yap36zhj2s4dca6fPublished at
2023-06-07 17:52:02Event JSON
{
"id": "26482d51f6acbc7f94b06b00422d7585dbd0dc5988bc46876fce1ebc9a35c325",
"pubkey": "5f325e2a1875039f7993aa44faeaa213e27f236f1388a14ae04289d0c742bc95",
"created_at": 1686160322,
"kind": 1,
"tags": [
[
"e",
"d3ef87a73efb73e9def6714a0568d0ef5f056b1414d4debb82e7f1f9e566428d",
"",
"root"
],
[
"e",
"5f6a7f5f20866adb6c9708710b387c1cb4ba798d75b37fe3d42a4c3d4225323e",
"",
"reply"
],
[
"p",
"9a463e0fab8963b013698c15a0f2449d19c97f3b88458e5874095b5006df9a0c"
]
],
"content": "📅 Original date posted:2016-07-27\n📝 Original message:Jonas Schnelli via bitcoin-dev \u003cbitcoin-dev at lists.linuxfoundation.org\u003e\nschrieb am Di., 26. Juli 2016 um 22:10 Uhr:\n\n\u003e Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I\n\u003e personally consider \"not enough\" to protect a serious amount of funds.\n\u003e\n\u003e\nBut what are the alternatives? Put an expensive processor and a decent\namount of memory in every hardware wallet to support scrypt? Use a million\niterations and just wait 10 minutes after entering you passphrase? Or\ncompute the secret key on your online computer instead?\n\nAlso, how many iterations are secure? A million? Then just add two random\nlower-case letters to the end of your passphrase and you have a better\nprotection with 2048 iterations. If you want to be able to use your\npassphrase with cheap hardware and be protected against a high-end computer\nwith multiple GPUs that is almost a mllion times faster, then you have to\nchoose a good passphrase. Or just make sure nobody steals your seed; it is\nnot a brainwallet that is only protected by the passphrase after all.\n\nRegards,\n Jochen\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160727/6744055a/attachment.html\u003e",
"sig": "17187492f403038c257ee765b2bf00f0a6817a9b184bad3a8f48610a275258b1c19290c77c0ed891fb547d76d5a5035b4eee94a404b6281d604cb18c6d098b3c"
}