Bitcoin Forum
  Show Posts
1  Bitcoin / Development & Technical Discussion / Re: Could a Quantum Computer derive a BIP32 seed from a public key? on: November 05, 2018, 01:53:07 PM
https://np.reddit.com/r/ledgerwallet/comments/7fjc3v/security_of_ledger_wallets_hierarchical/

For long-term QC-resistant storage on a BIP 32 or BIP 39 seed, it sounds like it's best to store it in an unused address and not expose the seed's master public key.

If I understand correctly, it's impossible for a QC to reverse engineer a seed like this:

exposed public key -> master public key -> seed

Thanks for the help
2  Bitcoin / Development & Technical Discussion / Re: Could a Quantum Computer derive a BIP32 seed from a public key? on: November 05, 2018, 01:05:52 AM
What about Ledger hardware wallet addresses that use BIP49?

For example, these 4 addresses were derived from the same seed on a Ledger:

(1) 38yp4KEzHXuQzPqXosDrqR6k7m82vtTWN4 -> sent a transaction and exposed public key
(2) 3HdkVwrSuDcVhpcHRBfpxdyEWDgFhEo3T9
(3) 3GPmyepu9DpGYKMUgF4XV2kNhnWjZEEbJb
(4) 3D6Ka9zE1Ku2nu43h5YSET8M1tewm7AUGH

Could a QC use the exposed public key from (1) to compromise addresses (2), (3), and (4)?

Assuming a QC is invented in the future that can break ECDSA.

Do you mean BIP39? BIP49 is what allows for segwit addresses to be embedded in a P2SH. Either way, the HMAC-SHA512 is used as the random function, and I really do not think it will be a trivial task, even for a QC that could break ECDSA.

Yes, I meant BIP39
3  Bitcoin / Development & Technical Discussion / Re: Could a Quantum Computer derive a BIP32 seed from a public key? on: November 05, 2018, 12:34:22 AM
BIP32 uses HMAC-SHA512 as the algorithm. I think that it would be much easier for a quantum computer to attempt to crack an individual private key than to attempt to crack the BIP32 seed. Quite frankly, I think we are quite far off from quantum computers becoming powerful enough to make password/private key hacking trivial due to quantum decoherence.

What about Ledger hardware wallet addresses that use BIP49?

For example, these 4 addresses were derived from the same seed on a Ledger:

(1) 38yp4KEzHXuQzPqXosDrqR6k7m82vtTWN4 -> sent a transaction and exposed public key
(2) 3HdkVwrSuDcVhpcHRBfpxdyEWDgFhEo3T9
(3) 3GPmyepu9DpGYKMUgF4XV2kNhnWjZEEbJb
(4) 3D6Ka9zE1Ku2nu43h5YSET8M1tewm7AUGH

Could a QC use the exposed public key from (1) to compromise addresses (2), (3), and (4)?

Assuming a QC is invented in the future that can break ECDSA.
4  Bitcoin / Development & Technical Discussion / Could a Quantum Computer derive a BIP32 seed from a public key? on: November 04, 2018, 11:39:39 PM
I've read that a QC could break ECDSA to derive a public key from a private key.

Could it also derive a BIP 32 seed from the public key?
5  Bitcoin / Bitcoin Discussion / Could a Quantum Computer derive a BIP32 seed from a public key? on: November 04, 2018, 11:20:56 PM
I've read that a Quantum Computer could break ECDSA to derive a private key from a public key.

Could this hypothetical QC also derive a BIP 32 seed from a public key?