nezhurin (OP)
Newbie
Offline
Activity: 16
Merit: 0
September 21, 2016, 01:08:23 PM
The Electrum seed is 12 words randomly generated from a 2048-word list. The word list is public and everyone knows what the words are, so for someone to brute force it they don't need to brute force 12 words but simply 12 characters, since every word is known. How can it be secure? I want to store some of my BTC with Electrum, but I just do not see how a 12-word seed from 2048 public words can be secure. It seems like very bad protection.
achow101
Staff
Legendary
Offline
Activity: 3500
Merit: 6833
Just writing some code
September 21, 2016, 01:15:20 PM
nezhurin (OP)
September 21, 2016, 01:23:55 PM
But in Electrum there are 2048 words that are public, so we can consider that each word is 1 alphabet letter, so brute forcing a 12 character password from a 2048 pool doesn't seem that hard to do? And after the seed is used, is it possible to force it to use a user-generated password to make any transaction, or after someone gets the seed do they have full access?
achow101
September 21, 2016, 01:28:44 PM Last edit: September 21, 2016, 01:42:20 PM by achow101
But in Electrum there are 2048 words that are public, so we can consider that each word is 1 alphabet letter, so brute forcing a 12 character password from a 2048 pool doesn't seem that hard to do? And after the seed is used, is it possible to force it to use a user-generated password to make any transaction, or after someone gets the seed do they have full access?

You didn't read the post, did you? The search space is massive, in fact much more so than a 12 character password. Read the post and look at the math.
Electrum's mnemonic is similar to BIP39 but not the same. AFAIK, Electrum actually uses 13 words. That means that there are 11,150,372,599,265,311,570,767,859,136,324,180,752,990,208 possible combinations. Furthermore, there are 5 languages, so if you don't know the language, there are 55,751,862,996,326,557,853,839,295,681,620,903,764,951,040 possible combinations.
Because the seed is random, there is no pattern, so the only way to get the seed is through brute force. Even if you were able to guess 50 Million seeds per second, it would still take 1.3274253094363466155676022781338310420226438095238095... × 10^31 years to go through the search space.
altcoinhosting
September 21, 2016, 01:36:48 PM
Basically, to sum up the post achow101 is referring to... It's like cracking a 12 character password written in an alphabet containing 2048 letters... But 4 different alphabets can be used.
Mathematically, it's waaaaaaaaaaaay harder than cracking a 12 character password written using a standard 26 character alphabet.
At least, that's how I always understood it.
nezhurin (OP)
September 21, 2016, 01:41:46 PM
Just tried Electrum and I can only make English, so where are the others?
achow101
September 21, 2016, 01:45:42 PM
Just tried Electrum and I can only make English, so where are the others?
It depends on your computer's language. Default is English; if your computer's language is Chinese, Japanese, Portuguese or Spanish, then it will be in one of those languages. Also, read my edited post for the math.
DannyHamilton
Legendary
Offline
Activity: 3472
Merit: 4798
September 21, 2016, 02:05:45 PM
But in Electrum there are 2048 words that are public, so we can consider that each word is 1 alphabet letter, so brute forcing a 12 character password from a 2048 pool doesn't seem that hard to do?

As some in this thread have been trying to explain to you, most alphabets have a LOT less than 2048 letters. Humans seem to have a very difficult time wrapping their minds around big numbers. I'll try to put it in perspective for you as best I can.
Let's try some simple math:
The English alphabet has 26 letters. That means that you have 26 possibilities for the first character. Each of those 26 possible first characters can match up with another 26 possibilities for the second character, so that's 26 X 26 possibilities for 2 characters. We can keep doing this for however many characters there are in the "seed":
26 X 26 X 26 X 26 X 26 X 26 X 26 X 26 X 26 X 26 X 26 X 26 = 26^12 = 9.54 X 10^16
That's just a little bit less than 10,000,000,000,000,000 total possibilities for a 12 character seed from a 26 character alphabet. If you could try 10 billion passwords per second, it would take you about 11.5 DAYS to try all possibilities. This is why a 12 character seed doesn't "feel" very secure to you.
Now let's try the same with a 2048 character alphabet...
2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 X 2048 = 5.44 X 10^39
That's a bit more than 5,000,000,000,000,000,000,000,000,000,000,000,000,000 total possibilities for a 12 character seed from a 2048 character alphabet. If you could try 10 billion passwords per second, it would take you more than 1.7 X 10^22 YEARS to try all possibilities.
That's significantly longer than the earth has existed. If you worked for the entire time that the earth has existed so far, and then again, and then again, and so on... You'd have to repeat that entire time more than 3.7 X 10^12 times.
1.7 X 10^22 YEARS is significantly longer than the universe has existed. If you worked for the entire time that the universe has existed, and then again, and then again, and so on... You'd have to repeat that entire time more than 1,000,000,000,000 times!
zend7
September 24, 2016, 06:12:43 AM
The Electrum seed is 12 words randomly generated from a 2048-word list. The word list is public and everyone knows what the words are, so for someone to brute force it they don't need to brute force 12 words but simply 12 characters, since every word is known. How can it be secure? I want to store some of my BTC with Electrum, but I just do not see how a 12-word seed from 2048 public words can be secure. It seems like very bad protection.

As anyone else has said, Electrum is one of the most secure desktop wallets and the seed is a great way to protect your bitcoins. Only install it on a clean PC (after a fresh format, or on a PC you are sure is clean), then copy the seed words into a document with a password. Add this document to a RAR with a strong password and keep it on a few USB sticks. This is the best protection you can have with a desktop wallet like Electrum. If you want extreme protection, go for a hardware wallet instead.
botija
September 28, 2016, 04:25:42 AM
Look at it this way. 4 years ago I created a brute force calculator.
A 5 character password from a 95 key keyboard, going through 1,000,000 passwords per second, would take 2.15 hours to go through all the combinations.
6 characters = 8.51 Days
7 characters = 2.21 Years
8 characters = 210.37 Years
9 characters = 19,985.08 Years
10 characters = 1,898,582.38 Years
11 characters = 180,365,326.06 Years
12 characters = 17,134,705,976.11 Years
Now a 5 word password from a list of 2048 words, going through 1,000,000 passwords per second, will take 1,142.47 years to go through all the combinations.
6 words = 2,339,769.67 Years
7 words = 4,791,848,282.97 Years
8 words = 9,813,705,283,528.19 Years
9 words = I get an error, because the number of passwords that is generated is over the .Net limit.
DannyHamilton
September 28, 2016, 05:15:03 AM
- snip - 9 words = I get an error, because the number of passwords that is generated is over the .Net limit.
Try Wolfram Alpha: https://www.wolframalpha.com/
9 words = 20,084,711,768,769,320.25 Years
10 words = 41,133,489,702,439,567,873.75 Years
11 words = 84,241,386,910,596,235,005,438.12 Years
12 words = 172,526,360,392,901,089,291,137,276.56 Years
NorrisK
Legendary
Offline
Activity: 1946
Merit: 1007
September 28, 2016, 06:32:56 AM
How can a password of 12 characters be secure? It uses letters, numbers and special characters that are all known.
Normal passwords only have about 50 characters to choose from; these seeds use 2048 "letters", as others have explained. You can see the significant increase in security there. In addition, if the attacker doesn't know you use a seed like this (for a normal password, as for Electrum it is obvious), the password is even longer, as he would have to guess all random characters including spaces.
poptartcat
Member
Offline
Activity: 105
Merit: 10
September 28, 2016, 01:58:13 PM
Also, I think for each seed, you would have to scan the blockchain to check for outputs belonging to the generated keys, and it's not like blockchain.info is going to let you use their public API 10 billion times per second.
botija
September 29, 2016, 05:19:18 PM
- snip - 9 words = I get an error, because the number of passwords that is generated is over the .Net limit.
Try Wolfram Alpha: https://www.wolframalpha.com/
9 words = 20,084,711,768,769,320.25 Years
10 words = 41,133,489,702,439,567,873.75 Years
11 words = 84,241,386,910,596,235,005,438.12 Years
12 words = 172,526,360,392,901,089,291,137,276.56 Years

Thanks. I thought of using WA, but I didn't want to input the formula, since I was using the program I created.
smho_16
September 30, 2016, 01:35:03 PM
- snip - 9 words = I get an error, because the number of passwords that is generated is over the .Net limit.
Try Wolfram Alpha: https://www.wolframalpha.com/
9 words = 20,084,711,768,769,320.25 Years
10 words = 41,133,489,702,439,567,873.75 Years
11 words = 84,241,386,910,596,235,005,438.12 Years
12 words = 172,526,360,392,901,089,291,137,276.56 Years

What about hardware wallets like Ledger that have 24 words, is it double this time to brute force them? It feels great to have such wonderful wallets in our power and it feels even better to know that behind such wallets, desktop ones like Electrum being discussed here has a very active team of developers, same with Ledger hardware wallet because they want to make it even better to sell more. I can sleep alright at night now after reading this.
achow101
September 30, 2016, 01:42:41 PM
- snip - 9 words = I get an error, because the number of passwords that is generated is over the .Net limit.
Try Wolfram Alpha: https://www.wolframalpha.com/
9 words = 20,084,711,768,769,320.25 Years
10 words = 41,133,489,702,439,567,873.75 Years
11 words = 84,241,386,910,596,235,005,438.12 Years
12 words = 172,526,360,392,901,089,291,137,276.56 Years
What about hardware wallets like Ledger that have 24 words, is it double this time to brute force them? It feels great to have such wonderful wallets in our power and it feels even better to know that behind such wallets, desktop ones like Electrum being discussed here has a very active team of developers, same with Ledger hardware wallet because they want to make it even better to sell more. I can sleep alright at night now after reading this.

It's not double, it's exponential. There would be 2048^24 possible combinations then.
ulhaq
May 23, 2017, 06:33:22 PM
Why is it that a dictionary of 2048 words is used? While the search space is inconceivably large, what is the advantage in not using random sequences of letters in place of the 2048 words, which would increase the search space dramatically?
Presumably the chance of a brute-force attack finding ANYONE's seed is also too small. But if it did happen by chance, it could be quite damaging to that individual? Because no one presumably uses multiple wallets/seeds, and since 1 seed is controlling all the private keys, what if someone had hundreds of millions of USD in bitcoin, e.g.? Or would they have multiple seeds/wallets?
Abdussamad
Legendary
Offline
Activity: 3668
Merit: 1579
May 23, 2017, 07:43:59 PM
Why is it that a dictionary of 2048 words is used? While the search space is inconceivably large, what is the advantage in not using random sequences of letters in place of the 2048 words, which would increase the search space dramatically?
Presumably the chance of a brute-force attack finding ANYONE's seed is also too small. But if it did happen by chance, it could be quite damaging to that individual? Because no one presumably uses multiple wallets/seeds, and since 1 seed is controlling all the private keys, what if someone had hundreds of millions of USD in bitcoin, e.g.? Or would they have multiple seeds/wallets?
It isn't possible to brute force a seed. Now as to why we use English words it is so that we can write it down easily. The seed is actually a really large random number that gets encoded as English words so we humans can write it down with our meaty hands. You could just as easily represent it as a hexadecimal number or base64 or some other encoding. It just wouldn't be very user friendly.
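The point above that a seed is a large random number written out as words, together with the exhaustive-search arithmetic from earlier in the thread, as an added example (not code from any poster or from Electrum). It assumes a plain base-2048 encoding with no checksum or version bits, which is a simplification, and uses a constructed stand-in word list; all function names are hypothetical.

```python
import secrets

BITS_PER_WORD = 11                      # 2048 = 2**11 entries in the list
# Constructed stand-in list: 2048 unique labels, NOT Electrum's real word list.
WORDLIST = [f"word{i:04d}" for i in range(2 ** BITS_PER_WORD)]
SECONDS_PER_YEAR = 365 * 24 * 60 * 60   # 365-day year, matches the thread's figures


def encode(number, n_words):
    """Write an integer below 2048**n_words as n_words base-2048 'digits'."""
    if not 0 <= number < len(WORDLIST) ** n_words:
        raise ValueError("number does not fit in that many words")
    words = []
    for _ in range(n_words):
        number, digit = divmod(number, len(WORDLIST))
        words.append(WORDLIST[digit])
    return words[::-1]                  # most significant word first


def decode(words):
    """Inverse of encode(): turn the words back into the integer."""
    index = {w: i for i, w in enumerate(WORDLIST)}
    number = 0
    for word in words:                  # KeyError if a word is not in the list
        number = number * len(WORDLIST) + index[word]
    return number


def years_to_exhaust(alphabet_size, length, guesses_per_second):
    """Years to try every secret once; Python integers do not overflow."""
    return alphabet_size ** length / (guesses_per_second * SECONDS_PER_YEAR)


def equivalent_length(n_words, alphabet_size):
    """Shortest random string over alphabet_size symbols that has at least
    as many possibilities as n_words words from the 2048-entry list."""
    length = 0
    while alphabet_size ** length < len(WORDLIST) ** n_words:
        length += 1
    return length


if __name__ == "__main__":
    secret = secrets.randbits(12 * BITS_PER_WORD)      # 132 random bits
    phrase = encode(secret, 12)
    assert decode(phrase) == secret                    # same number, two notations
    print(" ".join(phrase))
    print(f"12 words: {years_to_exhaust(2048, 12, 10**6):.3e} years at 1,000,000 guesses/s")
    print("95-key characters needed to match 12 words:", equivalent_length(12, 95))
```

The same 132-bit number needs 21 random characters from a 95-key keyboard, which is the trade-off between search space and ease of writing down that the reply describes.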
ulhaq
May 24, 2017, 10:44:51 PM
Based on the above posts, it seems that even half the seed should be secure?
6 words = 2,339,769.67 Years
However, this is in conflict with this post https://bitcointalk.org/index.php?topic=1012535.msg10985641#msg10985641, which states that it would be easy to break. The idea would be to store half the seed in 1 secure location, and the other half in another.