glub0x (OP)
Legendary
 Offline
Activity: 892
Merit: 1013
|
 |
August 12, 2017, 01:08:30 PM |
|
Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.
How hard would it be for me to find the 8 missing words via bruteforce?
|
The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactionsSatoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
|
|
|
|
Red-Apple
|
|
August 12, 2017, 01:18:07 PM |
|
Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.
How hard would it be for me to find the 8 missing words via bruteforce?
you are missing 8 words and you say each missing place can be 10K words. mathematically speaking that is 10K * 10K * 10K * 10K * 10K * 10K * 10K * 10K = 10K ^ 8 different possibilities. depending on your machine power you can calculate how long that would take. it is infinity. but bitcoin speaking if the total 24 words is the seed you are talking about then the dictionary is not 10K words, it is 2048 words if i am not mistaken which means the total words you need to check is 2048 ^ 8 = 3e+26 which is still ridiculously high. this also probably is infinity. |
--signature space for rent; sent PM--
|
|
|
Usui-Kun
Member
Offline
Activity: 224
Merit: 10
Streamity Decentralized cryptocurrency exchange
|
|
August 12, 2017, 01:29:34 PM |
|
Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.
Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.
Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)
If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.
|
|
|
|
glub0x (OP)
Legendary
Offline
Activity: 892
Merit: 1013
|
|
August 12, 2017, 02:03:24 PM |
|
Ok, I am trying to choose some number to build a 2 out of 3 paper wallet...
i came to this 10k^8 ( =10^32 right?) number aswell but i couldn't imagine if it is big enough for a computer to be able to bruteforce it... So, now i guess it is.
I find it very hard to imagine those number and compare it to anything...
This mean i could have a shorter passphrase. what size would still be safe? ( 10^7 ? 10^6 ?)
Thanks for help
|
The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactionsSatoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
|
|
|
pereira4
Legendary
Offline
Activity: 1610
Merit: 1183
|
|
August 12, 2017, 02:07:58 PM |
|
Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.
How hard would it be for me to find the 8 missing words via bruteforce?
Trying to bruteforce 8 missing letters from a password is insanely hard even with supercomputers. Im not sure how accurate this website is, but: http://calc.opensecurityresearch.com/according to it, setting the following settings: Password Length: 8 Keys per second: Raw SHA-256 - (2600K k/s) Charset [len:77]: lalhpa-numeric-all-space To brute force the entire keyspace it will take about 15 years 94 days 17 hours 3 minutes 45 seconds (1251995979594360 password combinations) But here's the thing, a 16 character lenght password: To brute force the entire keyspace it will take about 19 quadrillion years More specifically 18856483101931430 years 109 days 9 hours 25 minutes and 38 seconds (1.547136868856542e+30 password combinations) So 16 alphanumeric passwords should be safe for life. |
|
|
|
|
|
PokerFace3
|
|
August 12, 2017, 09:59:08 PM |
|
Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.
Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.
Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)
If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.
This method is definitely going to work. But I don’t think so he remembers any of 8 missing places. I just hope he is that lucky. The number of possible combination is correct. In case of 5k, it will be simply 5k exponent 8 as any of 5k words can take any of 8 available places. Also, he is talking about dictionary attack in which you pick up some of words as you have described. And he already has one. Brute force includes all possible combinations and sorry to say, in case of 10k it is pretty time consuming to check all of them. I just hope he can found some other recovery way. Also I suggest writing such important words somewhere. Man you have some big phrase there and a lot of work to do! |
|
|
|
|
BitcoinBallerina
Full Member
Offline
Activity: 308
Merit: 100
Presale is live!
|
|
August 12, 2017, 10:51:01 PM |
|
Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.
How hard would it be for me to find the 8 missing words via bruteforce?
Would not be possible on your local machine, that is certain. However, a professional company might be able to help crack it for you. |
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2996
Merit: 2148
|
|
August 12, 2017, 11:00:04 PM
Last edit: August 13, 2017, 12:02:16 AM by hatshepsut93 |
|
There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits. So, how many bits there are in your example? Well, the formula is easy -  Your L is 8, while your N is 10,000, so H = 106.3 This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc. |
|
|
|
|
|
An0nyMoose
|
|
August 13, 2017, 12:14:01 AM |
|
Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.
Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.
Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)
If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.
Your calculations easily prove that this would not be possible. OP needs to remember a few more words to make it possible. I think with 4 or 5 missing, it might be. |
|
|
|
glub0x (OP)
Legendary
Offline
Activity: 892
Merit: 1013
|
|
August 13, 2017, 06:18:07 AM |
|
There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits. So, how many bits there are in your example? Well, the formula is easy - Your L is 8, while your N is 10,000, so H = 106.3 This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc. ok thanks sir, perfect answer. |
The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactionsSatoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
|
|
|
|
nagobinga
|
|
September 05, 2017, 07:05:40 PM |
|
I do not know the storage but in my opinion very safe certainly not easy people will take it and very confidential.
|
|
|
|
|
|
bitart
|
|
September 05, 2017, 08:16:37 PM |
|
There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits. So, how many bits there are in your example? Well, the formula is easy - Your L is 8, while your N is 10,000, so H = 106.3 This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc. ok thanks sir, perfect answer. You haven't revealed what was the main idea behind your question, but if it's like you will write down a part of the seed and store it somewhere (in)secure place, and you don't want your coins got stolen if someone finds the seed, there are some other methods to store your seed safely. E.g. you can write down your entire seed, but in alphabetical order, and the only thing you need to memorize is the order of the words in the seed. Or you can just write down the seed in the original order, but at the end, you swap two words (preferabely not the first and the last), and noone will know which words to swap to get back the original seed. Or (when words are in the original order), write an extra word somewhere in the seed, and you should only remember the additional word, which is not part of the seed. You only need to be 100% sure that you will remember what to do. |
|
|
|
|
|
