Bitcoin Forum
Author Topic: How can electrum seed be secure  (Read 4356 times)
Abdussamad
May 24, 2017, 10:50:09 PM
 #21

ulhaq you should create a multisig wallet if you want to create split backups.
"Your bitcoin is secured in a way that is physically impossible for others to access, no matter for what reason, no matter how good the excuse, no matter a majority of miners, no matter what." -- Greg Maxwell
DannyHamilton
May 24, 2017, 11:20:29 PM
 #22

Based on the above posts, it seems that even half the seed should be secure?

Quote
6 words = 2,339,769.67 Years

However, this is in conflict with this post https://bitcointalk.org/index.php?topic=1012535.msg10985641#msg10985641, which states that it would be easy to break.

The idea would be to store half the seed in 1 secure location, and the other half in another.

You seem to be having some difficulty multiplying and dividing.

2048 X 2048 X 2048 X 2048 X 2048 X 2048 = 73786976294838206464

If you could try 10 billion passwords per second, it would take you:
73786976294838206464 / 10000000000 = 7378697629.4838206464 seconds.

There are 60 seconds in a minute, so that's about:
7378697629 / 60 = 122978293.817 minutes

There are 60 minutes in an hour, so that's about:
122978293 / 60 = 2049638.21667 hours

There are 24 hours in a day, so that's about:
2049638 / 24 = 85401.5833333 days

There are about 365.25 days in a year.  Therefore, using the numbers from earlier posts, the result would be only
85401 / 365.25 = just a bit more than 233.8 years.

That's a LOT less than the 2,339,769.67 years that you came up with, and it's a small enough number that I'd worry that someone could get lucky, or find a shortcut to a solution.
ulhaq
May 26, 2017, 03:32:05 PM
 #23

I didn't come up with that value, it was quoted from above. But I did get a large number, and your 233 years still seems safe. But clearly a multisig wallet is the way to go. Thanks for the input.
jerry0
February 21, 2018, 06:40:30 PM
 #24

I'm curious, but let's say someone got a portion of your seed.  In Electrum there are 12 words.  If someone were to get, say, the first 6 words, then are you still pretty safe?


Now what if someone knows, say, the first 10 or even 11 words of your seed.  Well, if they know the first 11 words of your seed in the exact order, then I assume they could brute force this very quickly, right?  But if they have the 10 or 11 words but not in the right order, I assume they could still brute force it but it would take longer?  And thus if they know the first 10 or 11 words, well, they obviously know what language it is, right?  How many words would you say is the point where, okay, your seed is not safe anymore?  I'm guessing the first 6, it's still safe.  But probably if they got the first 8, then that's the point where it's not safe?  The other thing is, wouldn't the nano ledger s be more safe then, since, well, it's 24 words plus an option to make your own word?  Surely 24 words is safer than 12 words.


The other thing is this.  Aren't there going to be hackers that would look at the entire word list, say in English, then just by trial and error put random 12 words together and then magically, eventually, get access to an account?  I mean, how many Electrum wallets are really out there?  How many in English?  Surely they could eventually hit one right after trial and error?  When I mean trial and error, I mean doing it themselves manually.  But those guys that do that, they use a program to brute force people, say?  So brute force is basically a program that would just test every 12-word phrase on Electrum, click enter, it doesn't work, then try another word, etc.?  So if someone brute forces Electrum, then they look at the computer and it's basically like someone manually typing 12 different words over and over again?  And when brute force is done, do they do like 12 words where the first 11 words are so and so, then for the 12th word they take the next one on the 2000-word list, etc.?
DannyHamilton
February 21, 2018, 07:26:33 PM
Merited by Abdussamad (5), legendster (1), Xynerise (1)
 #25

- a lot of nonsense that can be resolved through simply reading posts on this forum -

2048 words in the word list.

12 words in the seed phrase

2048^12 = 5,444,517,870,735,015,415,413,993,718,908,291,383,296 possible combinations

If you try to "brute force" 1 million combinations of 12 words every second, it will take you:
5,444,517,870,735,015,415,413,993,718,908,291 seconds = 172,526,360,392,901,089,291,137,276 years

to try all the possibilities.

The universe has only existed less than 14,000,000,000 years.

That means if you started searching through 1 million addresses every second at the moment of the Big Bang, and continued until today you would have searched through less than  0.00000000000001% of the possible addresses.

At that rate (1 million per second) you'd have to start all over again with additional Big Bangs and search for more than 12,323,311,456,635,791 entire universes worth of time to get through all the possibilities.



If you have the first 11 words in order, and you know which position the 12th word belongs in, then you'll find it in less than 2048 tries (since there are only 2048 words to choose from).

If you have the first 11 words in order, but you don't know where the 12th word belongs in the list, then the number of possibilities is 2048 X 12 = 24,576 possibilities since each of the 2048 words could be in any 1 of 12 possible positions.

There are quantities that are easy to say are "secure" such as 2048^12.  There are also quantities that are easy to say are "insecure" such as 2048^1.  Trying to find an exact line between the two where you can say that +1 = secure and -1 = insecure is impossible.  Instead, choose a number that is obviously secure, and then keep your entire seed a secret!  That way you won't have to guess if the seed is "secure enough".
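
The counting used in posts #22 and #25, generalised to any number of leaked words, as an added example that is not part of any post in this thread. The function names and the three "knowledge" cases are assumptions made for illustration; the word-list size and guess rates are the ones quoted in the thread, and the counts are upper bounds that ignore repeated words and any seed checksum.

```python
from math import comb, perm, log2

WORDLIST_SIZE = 2048                      # words in the list, per the thread
SECONDS_PER_YEAR = 365.25 * 24 * 60 * 60  # same year length as post #22

def candidates(total_words, known_words, knowledge="positions"):
    """Upper bound on phrases left to search after `known_words` words leak.

    knowledge = "positions": each leaked word's slot is known
    knowledge = "order":     relative order is known, slots are not
    knowledge = "none":      only the set of leaked words is known
    """
    if not 0 <= known_words <= total_words:
        raise ValueError("known_words must be between 0 and total_words")
    if knowledge == "positions":
        placements = 1
    elif knowledge == "order":
        placements = comb(total_words, known_words)   # which slots they fill
    elif knowledge == "none":
        placements = perm(total_words, known_words)   # slots and arrangement
    else:
        raise ValueError("unknown knowledge level: " + knowledge)
    return placements * WORDLIST_SIZE ** (total_words - known_words)

def years_to_exhaust(count, guesses_per_second):
    """Worst-case time to try every candidate at a fixed guess rate."""
    return count / guesses_per_second / SECONDS_PER_YEAR

def exposure_table(total_words=12, rate=10_000_000_000):
    """(leaked words, remaining bits, years to exhaust) for each leak size."""
    rows = []
    for known in range(total_words + 1):
        n = candidates(total_words, known)
        rows.append((known, log2(n), years_to_exhaust(n, rate)))
    return rows

if __name__ == "__main__":
    print("leaked  bits left  years at 10 billion guesses/s")
    for known, bits, years in exposure_table():
        print(f"{known:>6}  {bits:>9.0f}  {years:.3g}")
    for level in ("positions", "order", "none"):
        print("11 leaked,", level, "->", candidates(12, 11, level), "candidates")
```

Each leaked word whose position is known removes 11 bits from the search space, which is why a 6-word half of a split backup leaves 66 bits rather than half the security of the full phrase.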
jerry0
February 22, 2018, 04:05:32 AM
 #26

Hi there.  So you mean if someone has say the first 11 or 10 words of your seed, then that would mean they could brute force it very easily then?  Thus if they know 11 or 10 but even if they are not in order, then that would be pretty easy for them then?


Also another question.  When people say private keys, what does that mean?  Because that's not the same as the seed?  I read in another thread that someone mentioned a bitcoin private key is not the same as the seed.
Xynerise
February 22, 2018, 06:15:37 AM
 #27

Hi there.  So you mean if someone has say the first 11 or 10 words of your seed, then that would mean they could brute force it very easily then?  Thus if they know 11 or 10 but even if they are not in order, then that would be pretty easy for them then?
Yes.
You shouldn't give out any part of your seed at all.

Quote
Also another question.  When people say private keys, what does that mean?  Because that's not the same as the seed?  I read in another thread that someone mentioned a bitcoin private key is not the same as the seed.
A bitcoin private key is not a mnemonic seed but a mnemonic seed is equivalent to a set of private keys.
A mnemonic seed is a way to encode (represent) a bitcoin private key, and it is deterministic, meaning that the same seed will always generate the same private key and thus the same bitcoin address(es). (Which is why it's called a "seed": it will "grow" into the tree of bitcoin private keys.)
It's also a one-way function: you can generate a private key from a seed but you can't generate a seed from a private key.
TL;DR: a mnemonic seed is an easy way to abstract (represent) bitcoin private keys for easy storage. Even though they're not literally the same, they are equivalent because you can produce the private key from the seed.


You seem to have a lot of (basic) questions about bitcoin.
I suggest you read Andreas Antonopoulos' book Mastering Bitcoin.
It will help you a lot to learn about how bitcoin works.
You can get a soft copy from Amazon or you can read it online for free here:
https://github.com/bitcoinbook/bitcoinbook/blob/develop/book.asciidoc