Bitcoin Forum
November 18, 2017, 08:38:34 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Electrum: How can it be safe?  (Read 739 times)
QuietOne
Newbie
*
Offline Offline

Activity: 6


View Profile
March 25, 2013, 10:38:19 AM
 #1

If in the future there was an easy way to brute force seed phrases, wouldn't your wallet be unsafe sometime in the future?
Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
March 25, 2013, 10:42:28 AM
 #2

If in the future there was an easy way to brute force seed phrases, wouldn't your wallet be unsafe sometime in the future?

Yes, "if there was an easy way to brute force seed phrases", then your wallet would be unsafe.

Why do you believe that it will be any easier to brute force seed phrases than it is to brute force private keys?

QuietOne
Newbie
*
Offline Offline

Activity: 6


View Profile
March 25, 2013, 10:46:38 AM
 #3

If in the future there was an easy way to brute force seed phrases, wouldn't your wallet be unsafe sometime in the future?

Yes, "if there was an easy way to brute force seed phrases", then your wallet would be unsafe.

Why do you believe that it will be any easier to brute force seed phrases than it is to brute force private keys?
Shorter and composed of actual words, I think.
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
March 25, 2013, 10:55:17 AM
 #4

Shorter and composed of actual words, I think.

Ah, I just took a quick look at the Electrum website.  You are correct.  The Electrum Seed phrase is generated as 128 random bits.  A private key on the other hand is 256 random bits.  So apparently, once 128 bit keys can be brute-forced, then Electrum passphrases will be brute-forceable as well.  Personally, I'm not concerned about an ability to brute force a random 128 bit passphrase in my lifetime.  I suppose if technology does get close to that, then people with Electrum wallets will need to upgrade and move their coins to a new wallet with higher entropy passphrases.

QuietOne
Newbie
*
Offline Offline

Activity: 6


View Profile
March 25, 2013, 11:04:37 AM
 #5

Shorter and composed of actual words, I think.

Ah, I just took a quick look at the Electrum website.  You are correct.  The Electrum Seed phrase is generated as 128 random bits.  A private key on the other hand is 256 random bits.  So apparently, once 128 bit keys can be brute-forced, then Electrum passphrases will be brute-forceable as well.  Personally, I'm not concerned about an ability to brute force a random 128 bit passphrase in my lifetime.  I suppose if technology does get close to that, then people with Electrum wallets will need to upgrade and move their coins to a new wallet with higher entropy passphrases.
So the endgame for those types of wallets would be to send all coins to a different wallet, incurring a transaction fee? I'd assume if you could regenerate it from a seed, the master key would be compromised.
noeatnosleep
Newbie
*
Offline Offline

Activity: 13


View Profile
March 25, 2013, 11:09:35 AM
 #6

Honestly, using normal hardware available non-commercially, it would take you approximately a year to bruteforce a 10 didget alpha-numeric dual-case pass phrase's hash, and that's if you actually have the hash, and it's not salted.. I think we'll be fine for a while. =)
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
March 25, 2013, 11:11:58 AM
 #7

So the endgame for those types of wallets would be to send all coins to a different wallet, incurring a transaction fee? I'd assume if you could regenerate it from a seed, the master key would be compromised.

Yes.  Depending on the size of the transaction and the popularity of bitcoin at the time a fee may or may not be required.  If a fee is required, it may or may not be large enough at that time to be of concern to the individual making the transfer.  But, any bitcoins left behind at an address that resulted from a cracked (or otherwise compromised) seed phrase would be vulnerable.  The only way to be sure that the funds were secure would be to transfer them to a new address that was not derived from the compromised seed.

DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
March 25, 2013, 11:18:20 AM
 #8

it would take you approximately a year to bruteforce a 10 didget alpha-numeric dual-case pass phrase's hash

10 character pass phrase??  That's only something like 64 bits.

Electrum uses 128 bits.  That is a HUGE difference. 

noeatnosleep
Newbie
*
Offline Offline

Activity: 13


View Profile
March 30, 2013, 10:48:20 AM
 #9

You're absolutely correct.

I was simply using a 64 bit password hash to illustrate that a 128 bit brute force isn't exactly a walk in the park. You would have to *really* want to get in there, and have lots of time to do it.
flatfly
Legendary
*
Offline Offline

Activity: 994


View Profile
March 30, 2013, 11:18:44 AM
 #10

You're absolutely correct.

I was simply using a 64 bit password hash to illustrate that a 128 bit brute force isn't exactly a walk in the park. You would have to *really* want to get in there, and have lots of time to do it.

Just to add my 2 cents: if by "lots of time" you mean "10 times the age of Earth" you would still be underestimating how long it takes on average.

1111127SpvabYpoeDoiz5L7QPkfiSh2Q. Only donate if you have a reason to.
ThomasV
Legendary
*
Offline Offline

Activity: 1892



View Profile WWW
March 30, 2013, 11:26:21 AM
 #11

I suppose if technology does get close to that, then people with Electrum wallets will need to upgrade and move their coins to a new wallet with higher entropy passphrases.

Exactly. If a technological breakthrough, such as quantum computing, was even remotely threatening 128 bit seeds, we would upgrade immediately.
The same is true for Bitcoin addresses, which have 160 bits of entropy.

btw, thank you OP for the fear mongering thread title.

Electrum: the convenience of a web wallet, without the risks
romerun
Legendary
*
Offline Offline

Activity: 1078


Bitcoin is new, makes sense to hodl.


View Profile
March 30, 2013, 12:28:00 PM
 #12

If the technology reaches that point we pry have other bigger problems to worry about.
noeatnosleep
Newbie
*
Offline Offline

Activity: 13


View Profile
April 08, 2013, 02:28:39 AM
 #13

Yeah, like completely abandoning everything we know about cryptology. Lol.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!