How long to crack 24 word phrase if you know all 24 words out of order? - page 3.

PawGo

legendary

Activity: 952

Merit: 1367

Quote from: o_e_l_e_o on December 20, 2021, 05:36:10 PM

If you don't know the position of 13 words instead of 12, then there are 13x as many combinations to try, so that would take roughly 13 hours.
For 14 words, 7 days.
For 15 words, 16 weeks.
For 16 words, 5 years.
For 17 words, 85 years.
For 18 words, 1500 years.

Quote from: pooya87 on December 21, 2021, 01:15:41 AM

To be clear the "good hardware" in this context for this duration means a 48-core cloud computing server not a regular good hardware PC. With a PC with the best CPU you would get a couple of hours, possibly 5 or 6.
That's for BIP39 mnemonic, but for Electrum it should take a lot less by a factor of about 12.

Exactly. That's why I am not a big fan of providing exact data and saying "I will take 7 days". It will take 7 days on one specific computer, while on other it would take 6 days or 8 days. If Google or Amazon would like to use their datacenters and their hardware, maybe it would take 5 minutes.
The point is to understand how difficulty (time estimation) changes when we change length of seed - they say size does not matter, but we clearly see the longer the better Grin

pooya87

legendary

Activity: 3430

Merit: 10505

Quote from: o_e_l_e_o on December 20, 2021, 05:36:10 PM

With good hardware, btcrecover will descramble a 12 word BIP39 seed phrase in an hour:

To be clear the "good hardware" in this context for this duration means a 48-core cloud computing server not a regular good hardware PC. With a PC with the best CPU you would get a couple of hours, possibly 5 or 6.
That's for BIP39 mnemonic, but for Electrum it should take a lot less by a factor of about 12.

suchmoon

legendary

Activity: 3654

Merit: 8909

https://bpip.org

Quote from: bitmover on December 20, 2021, 12:38:40 PM

19 million years. I am impressed, because at first when I read the topic I thought it was possible.

It's also based on a very generous assumption about performance (1 billion permutations per second) so probably a lot more than 19 million years. Extrapolating o_e_l_e_o's example takes us into billions of years.

OTOH perhaps some very resourceful entity (a government, or Jeff Bezos) could potentially use millions of supercomputers and do it e.g. in 1 year... the question is - to what end? It's a very narrow use case, doesn't break Bitcoin protocol, and how many wallets are there that could be hacked this way and would justify the likely cost of $trillions?

At any rate, I wouldn't advise scrambling the words as a safety measure, tempting as it may be due to the above. The focus should be on keeping the seed physically secure and easy for the owner to recover.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: bitmover on December 20, 2021, 12:38:40 PM

However, if you know the location of some of those words it would be easier (maybe possible) to brute force it. Because the difficulty increases exponentially

With good hardware, btcrecover will descramble a 12 word BIP39 seed phrase in an hour: https://btcrecover.readthedocs.io/en/latest/Usage_Examples/2020-05-02_Descrambling_a_12_word_seed/Example_Descrambling_a_12_word_seed/. Although not exactly the same due to the checksum, lets assume that if you know 12 out of the 24 words then you could descramble the remaining 12 words in roughly the same amount of time.

If you don't know the position of 13 words instead of 12, then there are 13x as many combinations to try, so that would take roughly 13 hours.
For 14 words, 7 days.
For 15 words, 16 weeks.
For 16 words, 5 years.
For 17 words, 85 years.
For 18 words, 1500 years.

No point calculating beyond that really. Tongue

bitmover

legendary

Activity: 2212

Merit: 5622

Non-custodial BTC Wallet

Quote from: suchmoon on December 20, 2021, 12:10:36 PM

Quote from: Trader Steve on December 20, 2021, 12:08:17 PM

Even if you have the 24 words to guess from?

Still quite unfeasible:

https://bitcoin.stackexchange.com/questions/92540/bruteforcing-a-seed-with-24-words-of-a-unknown-order

Cryptography is really impressive.

Quote from: Trader Steve on December 20, 2021, 11:35:37 AM

I am curious to know the actual difficulty/cost/time involved to put a 24 word seed phrase in the correct order if you have the 24 words but not the correct order? I can see that there are 24^24 number of combinations but what does that translate into difficulty/time/cost?

However, if you know the location of some of those words it would be easier (maybe possible) to brute force it. Because the difficulty increases exponentially

PawGo

legendary

Activity: 952

Merit: 1367

Of course, many depends on hardware. But:
1) we talk about the most pessimistic scenario (checking all the possibilities) - if you have luck, you may get correct result after one second
2) you may increase instantaneous speed of your calculations, but still you will process only a small fraction of all permutations during your life (or until Sun die).

BitMaxz

legendary

Activity: 3234

Merit: 2943

Block halving is coming.

I think it all depends on your hardware speed like on btcrecover.py on cracking password, encrypted key, or seed phrase.

They have a list of hardware performance both CPU and GPU you can find it here https://btcrecover.readthedocs.io/en/latest/GPU_Acceleration/
Based on that chart GPU is much faster than CPU.

Trader Steve

hero member

Activity: 836

Merit: 1007

"How do you eat an elephant? One bit at a time..."

Thank you! Very fascinating!

suchmoon

legendary

Activity: 3654

Merit: 8909

https://bpip.org

Quote from: ?? on ??

The 128 to 256 bits of entropy and the checksum which will add 4 to 8 more bits (depending on the number of bits of entropy) that result to seed phrase generation are secure and safe and makimg seed phrase brute force impossible.

That's not what the OP is asking.

Quote from: Trader Steve on December 20, 2021, 12:08:17 PM

Even if you have the 24 words to guess from?

Still quite unfeasible:

https://bitcoin.stackexchange.com/questions/92540/bruteforcing-a-seed-with-24-words-of-a-unknown-order

PawGo

legendary

Activity: 952

Merit: 1367

Quote from: Trader Steve on December 20, 2021, 11:35:37 AM

I am curious to know the actual difficulty/cost/time involved to put a 24 word seed phrase in the correct order if you have the 24 words but not the correct order? I can see that there are 24^24 number of combinations but what does that translate into difficulty/time/cost?

It is not 24^24 but 24! (=24*23*22*...*2*1).
Think about it that way:
on first position you may have any of 24 words
on second position any word from 23 left
on third position any word from 22 left...

I have prepared something like that in my program: https://github.com/PawelGorny/lostword
Check worker 'PERMUTATION_CHECK'.
Anyway with 24 words..... it is a lot of work.

Trader Steve

hero member

Activity: 836

Merit: 1007

"How do you eat an elephant? One bit at a time..."

Quote from: ?? on ??

The 128 to 256 bits of entropy and the checksum which will add 4 to 8 more bits (depending on the number of bits of entropy) that result to seed phrase generation are secure and safe and makimg seed phrase brute force impossible.

Even if you have the 24 words to guess from?

Trader Steve

hero member

Activity: 836

Merit: 1007

"How do you eat an elephant? One bit at a time..."

I am curious to know the actual difficulty/cost/time involved to put a 24 word seed phrase in the correct order if you have the 24 words but not the correct order? I can see that there are 24^24 number of combinations but what does that translate into difficulty/time/cost?

Topic: How long to crack 24 word phrase if you know all 24 words out of order? - page 3. (Read 1059 times)