Btc storage question | Bitcointalksearch.org

bitart

hero member

Activity: 1442

Merit: 629

Vires in Numeris

Quote from: glub0x on August 13, 2017, 01:18:07 AM

Quote from: hatshepsut93 on August 12, 2017, 06:00:04 PM

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -

Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.

ok thanks sir, perfect answer.

You haven't revealed what was the main idea behind your question, but if it's like you will write down a part of the seed and store it somewhere (in)secure place, and you don't want your coins got stolen if someone finds the seed, there are some other methods to store your seed safely.
E.g. you can write down your entire seed, but in alphabetical order, and the only thing you need to memorize is the order of the words in the seed.
Or you can just write down the seed in the original order, but at the end, you swap two words (preferabely not the first and the last), and noone will know which words to swap to get back the original seed. Or (when words are in the original order), write an extra word somewhere in the seed, and you should only remember the additional word, which is not part of the seed.
You only need to be 100% sure that you will remember what to do.

nagobinga

full member

Activity: 476

Merit: 100

I do not know the storage but in my opinion very safe certainly not easy people will take it and very confidential.

glub0x

legendary

Activity: 892

Merit: 1013

Quote from: hatshepsut93 on August 12, 2017, 06:00:04 PM

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -

Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.

ok thanks sir, perfect answer.

An0nyMoose

sr. member

Activity: 490

Merit: 255

Quote from: Usui-Kun on August 12, 2017, 08:29:34 AM

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.

Your calculations easily prove that this would not be possible.

OP needs to remember a few more words to make it possible. I think with 4 or 5 missing, it might be.

hatshepsut93

legendary

Activity: 3024

Merit: 2148

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -

Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.

BitcoinBallerina

full member

Activity: 308

Merit: 100

Presale is live!

Quote from: glub0x on August 12, 2017, 08:08:30 AM

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

Would not be possible on your local machine, that is certain.

However, a professional company might be able to help crack it for you.

PokerFace3

hero member

Activity: 700

Merit: 500

Quote from: Usui-Kun on August 12, 2017, 08:29:34 AM

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.

This method is definitely going to work. But I don’t think so he remembers any of 8 missing places. I just hope he is that lucky. The number of possible combination is correct. In case of 5k, it will be simply 5k exponent 8 as any of 5k words can take any of 8 available places. Also, he is talking about dictionary attack in which you pick up some of words as you have described. And he already has one. Brute force includes all possible combinations and sorry to say, in case of 10k it is pretty time consuming to check all of them. I just hope he can found some other recovery way. Also I suggest writing such important words somewhere. Man you have some big phrase there and a lot of work to do!

pereira4

legendary

Activity: 1610

Merit: 1183

Quote from: glub0x on August 12, 2017, 08:08:30 AM

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

Trying to bruteforce 8 missing letters from a password is insanely hard even with supercomputers.

Im not sure how accurate this website is, but:

http://calc.opensecurityresearch.com/

according to it, setting the following settings:

Password Length: 8
Keys per second: Raw SHA-256 - (2600K k/s)
Charset [len:77]: lalhpa-numeric-all-space

To brute force the entire keyspace it will take about

15 years 94 days 17 hours 3 minutes 45 seconds

(1251995979594360 password combinations)

But here's the thing, a 16 character lenght password:

To brute force the entire keyspace it will take about

19 quadrillion years

More specifically
18856483101931430 years 109 days 9 hours 25 minutes and 38 seconds

(1.547136868856542e+30 password combinations)

So 16 alphanumeric passwords should be safe for life.

glub0x

legendary

Activity: 892

Merit: 1013

Ok, I am trying to choose some number to build a 2 out of 3 paper wallet...

i came to this 10k^8 ( =10^32 right?) number aswell but i couldn't imagine if it is big enough for a computer to be able to bruteforce it... So, now i guess it is.
I find it very hard to imagine those number and compare it to anything...

This mean i could have a shorter passphrase. what size would still be safe? ( 10^7 ? 10^6 ?)

Thanks for help

Usui-Kun

member

Activity: 224

Merit: 10

Streamity Decentralized cryptocurrency exchange

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.

Red-Apple

hero member

Activity: 1470

Merit: 655

Quote from: glub0x on August 12, 2017, 08:08:30 AM

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

you are missing 8 words and you say each missing place can be 10K words. mathematically speaking that is
10K * 10K * 10K * 10K * 10K * 10K * 10K * 10K = 10K ^ 8 different possibilities. depending on your machine power you can calculate how long that would take. it is infinity.

but bitcoin speaking if the total 24 words is the seed you are talking about then the dictionary is not 10K words, it is 2048 words if i am not mistaken which means the total words you need to check is 2048 ^ 8 = 3e+26
which is still ridiculously high. this also probably is infinity.

glub0x

legendary

Activity: 892

Merit: 1013

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

Topic: Btc storage question (Read 467 times)