Topic: how safe is the passphrase recovery seed

legendary
Activity: 1624
Merit: 2481
November 17, 2017, 07:05:28 AM
#7
Can a duplicate seed / passphrase be generated for any address by wallets in any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?

Theoretically, yes. Private keys could be generated "a second time". This is called address collision.
There are 2^160 possible addresses which can be generated. Since, in theory, you have to search 1/2 of the search space to find a collision (birthday paradox),
you would need to calculate 2^159 priv-/pubkey pairs, on average, to find a collision by an address being generated a second time.
2^159 = 7307508200000000000000000000000000000000000000000000000
So the chances of a collision are almost zero. It is considered to be "bullet proof".

Provided that the wallet you are using uses a good random number generator (with enough entropy).
legendary
Activity: 3052
Merit: 1273
November 16, 2017, 01:59:08 PM
#6
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a PC and internet you can always restore your coins from this seed.

Can a duplicate seed / passphrase be generated for any address by wallets in any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?
jr. member
Activity: 153
Merit: 2
do your own research
November 16, 2017, 10:40:00 AM
#5
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a PC and internet you can always restore your coins from this seed.

Wow, super cool, thanks.
legendary
Activity: 1624
Merit: 2481
November 16, 2017, 10:00:27 AM
#4
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a PC and internet you can always restore your coins from this seed.
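The post above describes the mechanism in words: a BIP39 word list is stretched into a seed, and BIP32 then applies a keyed hash to that seed plus an index (the "counter") to derive as many private keys as you like. The following is an added example written for this thread, not code from any wallet mentioned here. It implements the BIP39 seed stretch and the BIP32 master-key and hardened-child derivation using only the Python standard library; the sample mnemonic is the all-zero-entropy phrase from the published BIP39 test vectors, and the derivation path m/44'/0'/i' (BIP44 account level) was chosen because hardened steps need no elliptic-curve point arithmetic. Checking the mnemonic's own checksum is left out, since that needs the 2048-word list.

```python
import hashlib
import hmac
import unicodedata

# secp256k1 group order, used to reduce child keys (standard constant, assumed here)
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Constructed sample input: the all-zero-entropy phrase from the BIP39 test vectors.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic, passphrase=""):
    """BIP39: stretch the mnemonic (plus optional passphrase) into a 64-byte seed.
    PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase, NFKD-normalised.
    A different passphrase yields a completely different seed, hence different keys."""
    m = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    s = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", m, s, 2048, dklen=64)


def bip32_master(seed):
    """BIP32: master private key and chain code = HMAC-SHA512("Bitcoin seed", seed)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= SECP256K1_N:
        raise ValueError("invalid master key; BIP32 says this seed is unusable")
    return key, digest[32:]


def bip32_hardened_child(parent_key, chain_code, index):
    """BIP32 hardened child (index >= 2**31). Only the parent private key and
    chain code feed the HMAC, so no public-key (point) arithmetic is needed."""
    if index < 0x80000000:
        raise ValueError("this helper derives hardened children only")
    data = b"\x00" + parent_key.to_bytes(32, "big") + index.to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + parent_key) % SECP256K1_N
    if il >= SECP256K1_N or child == 0:
        raise ValueError("invalid child; BIP32 says skip this index")
    return child, digest[32:]


def hardened(i):
    """Index i' in path notation."""
    return 0x80000000 + i


def derive_account_keys(mnemonic, passphrase, count):
    """Return the private keys for m/44'/0'/0' .. m/44'/0'/(count-1)'.
    The final index is the 'counter' the post refers to: same seed, same keys,
    every time, on any BIP39/BIP32-compatible tool."""
    key, cc = bip32_master(bip39_seed(mnemonic, passphrase))
    key, cc = bip32_hardened_child(key, cc, hardened(44))  # purpose
    key, cc = bip32_hardened_child(key, cc, hardened(0))   # coin type: Bitcoin
    keys = []
    for i in range(count):
        child_key, _ = bip32_hardened_child(key, cc, hardened(i))  # account i
        keys.append(child_key)
    return keys


if __name__ == "__main__":
    seed = bip39_seed(SAMPLE_MNEMONIC, "TREZOR")
    print("seed:", seed.hex())
    for i, k in enumerate(derive_account_keys(SAMPLE_MNEMONIC, "TREZOR", 3)):
        print(f"m/44'/0'/{i}' private key: {k:064x}")
```

Running it twice, or on two different machines, prints the same keys, which is exactly why the wallet software itself is not needed for recovery. The flip side for a defender is that the seed words plus passphrase are the entire secret: anyone who can read them can run this same derivation.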
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
November 16, 2017, 04:05:49 AM
#3
I have lots of clients:
Coinomi
Mycelium .............................
which use pass seeds to restore the wallet.

I still don't understand it ... is it something which will work even 10 years from now and I can rely on it?

It should work for even 20 years or so, since Bitcoin will still be working and will be mined until 2110–2140, and this word seed is one of those ways to generate Bitcoin addresses, so most probably this recovery seed will still work until that year.
hero member
Activity: 938
Merit: 559
Did you see that ludicrous display last night?
November 15, 2017, 06:49:33 PM
#2
I'm not familiar with the length of seed or the number of possible words in the seeds for Coinomi or Mycelium, but I know that my TREZOR has a 24-word seed.

Their explanation of the security of their seed phrase is:
in order to check all possible orderings in a 24-word seed, you need to run SHA-512:

24! ÷ 256 × 8096 = 19621680704813697269760000 times

The bitcoin network is capable of performing 176 537 883 000 000 000 iterations of SHA-256 each second.

If we wave our hands a bit, we can claim that SHA-512 and SHA-256 are the same difficulty (which they aren’t but let’s pretend they are). Therefore, it should take somewhere around half of:

(24! ÷ 256 × 8096) ÷ 176 537 883 000 000 000 ÷ 60 ÷ 60 ÷ 24 ÷ 365 = 3.5 years

for the ENTIRE BITCOIN NETWORK to crack the seed.
So with modern technology, it's outrageously impractical to attempt to crack a 24-word seed.  12-word and 18-word seeds are also perfectly secure, assuming that they were generated randomly.
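Two posts in this thread reason about cost: the one just above divides a count of candidate seeds by a network hash rate, and post #7 talks about 2^160 addresses and collisions. The block below is an added example, not code from either poster or from TREZOR; it reproduces the arithmetic quoted above with the thread's own rate figure and then generalises it: expected guesses to hit one specific value, the birthday bound for any two generated values coinciding, and the collision probability after a given number of draws. The hash rate is taken from the post as a fixed sample number, not a current figure.

```python
import math

# Whole-network SHA-256 rate quoted in the post above (sample figure from the thread)
NETWORK_HASHES_PER_SECOND = 176_537_883_000_000_000
SECONDS_PER_YEAR = 60 * 60 * 24 * 365


def trezor_blog_candidate_count():
    """The count the quoted TREZOR text arrives at for a 24-word seed: 24! / 256 * 8096."""
    return math.factorial(24) // 256 * 8096


def expected_trials_to_hit_specific(space_bits):
    """Average guesses needed to land on ONE specific value in a space of 2**space_bits
    (half the space). For 160-bit addresses this is the 2**159 figure from post #7."""
    return 2 ** (space_bits - 1)


def expected_trials_to_any_collision(space_bits):
    """Birthday bound: average number of random draws before ANY two coincide,
    sqrt(pi * N / 2) with N = 2**space_bits. Far smaller than hitting a chosen value."""
    return math.sqrt(math.pi * 2 ** space_bits / 2)


def collision_probability(space_bits, draws):
    """P(at least one collision among `draws` uniformly random values) ~ 1 - exp(-k^2 / 2N).
    expm1 keeps the result accurate when the probability is tiny."""
    return -math.expm1(-(draws ** 2) / (2 * 2 ** space_bits))


def years_at_rate(trials, rate=NETWORK_HASHES_PER_SECOND):
    """Wall-clock years to perform `trials` hash evaluations at `rate` per second,
    treating one guess as one hash (the same simplification the quoted text makes)."""
    return trials / rate / SECONDS_PER_YEAR


def risk_table():
    """Summarise the scenarios this thread discusses as (label, years) rows."""
    return [
        ("24-word seed, TREZOR blog count (full search)", years_at_rate(trezor_blog_candidate_count())),
        ("12-word seed, 128-bit entropy (half search)", years_at_rate(expected_trials_to_hit_specific(128))),
        ("24-word seed, 256-bit entropy (half search)", years_at_rate(expected_trials_to_hit_specific(256))),
        ("one specific 160-bit address (half search)", years_at_rate(expected_trials_to_hit_specific(160))),
        ("any collision among 160-bit addresses", years_at_rate(expected_trials_to_any_collision(160))),
    ]


if __name__ == "__main__":
    for label, years in risk_table():
        print(f"{label:48s} {years:12.3e} years")
    # How likely is a collision with a billion freshly generated addresses?
    print("P(collision, 1e9 addresses):", collision_probability(160, 10 ** 9))
```

The table makes the real point of the thread visible: even the smallest number, the blog's 24! count, is a multi-year job for the entire network, and the entropy-based figures are astronomically larger. The practical risk to a seed is therefore not brute force but a weak random number generator at creation time or the words being read by someone else, which is what the "assuming they were generated randomly" caveat above is about.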
jr. member
Activity: 153
Merit: 2
do your own research
November 15, 2017, 03:42:18 PM
#1
I have lots of clients:
Coinomi
Mycelium .............................
which use pass seeds to restore the wallet.

I still don't understand it ... is it something which will work even 10 years from now and I can rely on it?