Bitcoin Forum
December 15, 2024, 02:46:06 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Btc storage question  (Read 472 times)
glub0x (OP)
Legendary
*
Offline Offline

Activity: 892
Merit: 1013



View Profile
August 12, 2017, 01:08:30 PM
 #1

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
Red-Apple
Hero Member
*****
Offline Offline

Activity: 1470
Merit: 655


View Profile
August 12, 2017, 01:18:07 PM
 #2

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

you are missing 8 words and you say each missing place can be 10K words. mathematically speaking that is
10K * 10K * 10K * 10K * 10K * 10K * 10K * 10K = 10K ^ 8 different possibilities. depending on your machine power you can calculate how long that would take. it is infinity.

but bitcoin speaking if the total 24 words is the seed you are talking about then the dictionary is not 10K words, it is 2048 words if i am not mistaken which means the total words you need to check is 2048 ^ 8 = 3e+26
which is still ridiculously high. this also probably is infinity.

--signature space for rent; sent PM--
Usui-Kun
Member
**
Offline Offline

Activity: 224
Merit: 10

Streamity Decentralized cryptocurrency exchange


View Profile
August 12, 2017, 01:29:34 PM
 #3

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.

glub0x (OP)
Legendary
*
Offline Offline

Activity: 892
Merit: 1013



View Profile
August 12, 2017, 02:03:24 PM
 #4

Ok, I am trying to choose some number to build a 2 out of 3 paper wallet...

i came to this 10k^8 ( =10^32 right?) number aswell but i couldn't imagine if it is big enough for a computer to be able to bruteforce it... So, now i guess it is.
I find it very hard to imagine those number and compare it to anything...

This mean i could have a shorter passphrase. what size would still be safe? ( 10^7 ? 10^6 ?)

Thanks for help

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
pereira4
Legendary
*
Offline Offline

Activity: 1610
Merit: 1183


View Profile
August 12, 2017, 02:07:58 PM
 #5

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

Trying to bruteforce 8 missing letters from a password is insanely hard even with supercomputers.

Im not sure how accurate this website is, but:

http://calc.opensecurityresearch.com/

according to it, setting the following settings:

Password Length: 8
Keys per second: Raw SHA-256 - (2600K k/s)
Charset [len:77]: lalhpa-numeric-all-space

To brute force the entire keyspace it will take about

15 years 94 days 17 hours 3 minutes 45 seconds

(1251995979594360 password combinations)

But here's the thing, a 16 character lenght password:

To brute force the entire keyspace it will take about

19 quadrillion years

More specifically
18856483101931430 years 109 days 9 hours 25 minutes and 38 seconds

(1.547136868856542e+30 password combinations)

So 16 alphanumeric passwords should be safe for life.
PokerFace3
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500



View Profile
August 12, 2017, 09:59:08 PM
 #6

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.
This method is definitely going to work. But I don’t think so he remembers any of 8 missing places. I just hope he is that lucky. The number of possible combination is correct. In case of 5k, it will be simply 5k exponent 8 as any of 5k words can take any of 8 available places. Also, he is talking about dictionary attack in which you pick up some of words as you have described. And he already has one. Brute force includes all possible combinations and sorry to say, in case of 10k it is pretty time consuming to check all of them. I just hope he can found some other recovery way. Also I suggest writing such important words somewhere. Man you have some big phrase there and a lot of work to do!
BitcoinBallerina
Full Member
***
Offline Offline

Activity: 308
Merit: 100


Presale is live!


View Profile
August 12, 2017, 10:51:01 PM
 #7

Hello,
If i have 16 words (in order) of a 24 words passphrase for a btc address,
And I also have the dictionary (10k words)from where the words jave been taken.

How hard would it be for me to find the 8 missing words via bruteforce?

Would not be possible on your local machine, that is certain.

However, a professional company might be able to help crack it for you.

hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2162


View Profile
August 12, 2017, 11:00:04 PM
Last edit: August 13, 2017, 12:02:16 AM by hatshepsut93
 #8

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -



Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.
An0nyMoose
Sr. Member
****
Offline Offline

Activity: 490
Merit: 255



View Profile
August 13, 2017, 12:14:01 AM
 #9

Let's do some estimations and assumptions here: Assuming that the wallet or storage, as you may, encrypts your btc between estimated 10k words in the dictionary thus giving them equal weight or probability for the random picking of your 24-word passphrase which 8 are currently unknown.

Estimation starts here: How well do you remember the number of letters in the 8 missing words? are they less than six? seven? This may help you to lessen the estimated 10k words that your storage uses. Are the words commonly used? Do you see or use the words in your everyday life? This will eliminate those uncommon words.

Let's say that the elimination you did got rid off of the half of the 10k words you estimated, you have now 5k words to choose from.
The ways of choosing 8 words from the estimated 5000 can be computed by:
((5000!)/((8!)(4992!)) = 9.63 x 10^24. (I don't claim perfect knowledge)

If you can't imagine the number. There are about 7.5 x 10^18 grains of sand on Earth, and we already did some estimations! So goodluck with your quest, may you randomly pick your lucky 8 words.

Your calculations easily prove that this would not be possible.

OP needs to remember a few more words to make it possible. I think with 4 or 5 missing, it might be.

Blockonomics                          ██
                         ████  ██
   
          ▄▄▄███████▄▄▄ ████  ████  ██
      ▄▄█████████████████▄▄  ████  ████
    ▄█████▀▀         ▀▀█████▄ ██  ████
   ████▀                 ▀████   ████
  ████      ████████▄      ████ ████
 ████        ██    ██▄      ████ ██
████         ██     ██       ████
████         ██   ▄██▀       ████
████         ███████         ████
████         ██    ██▄       ████
████         ██     ██       ████
 ████        ██    ██▀      ████
  ████      ████████▀      ████
   ████▄                 ▄████
    ▀█████▄▄         ▄▄█████▀
      ▀▀█████████████████▀▀
          ▀▀▀███████▀▀▀
glub0x (OP)
Legendary
*
Offline Offline

Activity: 892
Merit: 1013



View Profile
August 13, 2017, 06:18:07 AM
 #10

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -



Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.
ok thanks sir, perfect answer.

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
nagobinga
Full Member
***
Offline Offline

Activity: 476
Merit: 100



View Profile
September 05, 2017, 07:05:40 PM
 #11

I do not know the storage but in my opinion very safe certainly not easy people will take it and very confidential.
bitart
Hero Member
*****
Offline Offline

Activity: 1442
Merit: 629


Vires in Numeris


View Profile
September 05, 2017, 08:16:37 PM
 #12

There's a lot of good responses here already, but I want to add that password strength is usually measured in bits of enthropy, for easier comparison with recommended values of security level. For a long time 80 bits of security were considered the minimum requirement, but now this number was increased to 112 bits.

So, how many bits there are in your example? Well, the formula is easy -



Your L is 8, while your N is 10,000, so H = 106.3

This means that it's unlikely to get brute forced now, but it might become crackable in 10-20 years with your home pc.
ok thanks sir, perfect answer.

You haven't revealed what was the main idea behind your question, but if it's like you will write down a part of the seed and store it somewhere (in)secure place, and you don't want your coins got stolen if someone finds the seed, there are some other methods to store your seed safely.
E.g. you can write down your entire seed, but in alphabetical order, and the only thing you need to memorize is the order of the words in the seed.
Or you can just write down the seed in the original order, but at the end, you swap two words (preferabely not the first and the last), and noone will know which words to swap to get back the original seed. Or (when words are in the original order), write an extra word somewhere in the seed, and you should only remember the additional word, which is not part of the seed.
You only need to be 100% sure that you will remember what to do.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!