Bitcoin Forum
November 09, 2024, 06:07:51 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Seeds deeply unsecure?  (Read 579 times)
Zocadas (OP)
Hero Member
*****
Offline Offline

Activity: 909
Merit: 508


View Profile
September 06, 2017, 11:54:40 AM
 #1

Many wallets support seeds for Bitcoin adresses with private keys. Good thing for smart backups and brainwallets.
But: As I made a backup and restored my wallet and gave in my seed, doubts came over me. Hopefully my thought is wrong. Would I have given the seed words in wrong order, I would have opened a wrong adress, if it would exist,because there is no additional security like to be asked for bitcoin adress or similar. So even people who dont want to steal/hack bitcoin wallets they could accidentally open other people's wallets. Is that right?
HCP
Legendary
*
Offline Offline

Activity: 2086
Merit: 4361

<insert witty quote here>


View Profile
September 06, 2017, 12:12:19 PM
 #2

The last word in a BIP39 seed mnemonic is a "checksum"... basically, it is checking to make sure that you haven't made any mistakes in the word order, or used a different word by mistake. Most wallets will detect if the checksum doesn't add up and tell you that the seed is invalid.

Go here: https://iancoleman.github.io/bip39/

Valid seed: lava tunnel trade release accuse orient swallow make flat cat crime timber
Invalid seed (words swapped): lava tunnel trade accuse release orient swallow make flat cat crime timber
Invalid seed (wrong word): lava tunnel trade release accuse orient swallow lake flat cat crime timber

Try and put in the valid seed, then try and put in the invalid seeds... it detects there is an error.

NOTE: DO NOT put your actual seed into that website unless you download a copy and run it offline (read "Offline Usage" instructions at the bottom of that website)

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Zocadas (OP)
Hero Member
*****
Offline Offline

Activity: 909
Merit: 508


View Profile
September 06, 2017, 12:43:17 PM
 #3

The last word in a BIP39 seed mnemonic is a "checksum"... basically, it is checking to make sure that you haven't made any mistakes in the word order, or used a different word by mistake. Most wallets will detect if the checksum doesn't add up and tell you that the seed is invalid.

Go here: https://iancoleman.github.io/bip39/

Valid seed: lava tunnel trade release accuse orient swallow make flat cat crime timber
Invalid seed (words swapped): lava tunnel trade accuse release orient swallow make flat cat crime timber
Invalid seed (wrong word): lava tunnel trade release accuse orient swallow lake flat cat crime timber

Try and put in the valid seed, then try and put in the invalid seeds... it detects there is an error.

NOTE: DO NOT put your actual seed into that website unless you download a copy and run it offline (read "Offline Usage" instructions at the bottom of that website)
Yes, but what if someone accidentally meets the right terms with right order to a vaild adress or hackers run a software that automates searching for valid seeds? To hack a known adress would take years with wallets but to target any valid seed, wouldn't that be the high risk for seed owners? Or tomeet accidentally any valid seed...
HCP
Legendary
*
Offline Offline

Activity: 2086
Merit: 4361

<insert witty quote here>


View Profile
September 06, 2017, 12:58:56 PM
Last edit: November 15, 2023, 08:43:04 AM by HCP
 #4

There are 2048 words in the English BIP39 wordlist... most wallets generate at least a 12 word seed... some use as many as 24 words...

this means that there are effectively 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 combinations... That is 204812... which is 5,444,517,870,735,015,415,413,993,718,908,291,383,296 seed combinations... as a MINIMUM. Also, not all combinations generate valid seeds.

So, the real question is...



█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Zocadas (OP)
Hero Member
*****
Offline Offline

Activity: 909
Merit: 508


View Profile
September 06, 2017, 01:02:54 PM
 #5

There are 2048 words in the English BIP39 wordlist... most wallets generate at least a 12 word seed... some use as many as 24 words...

this means that there are effectively 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 combinations... That is 204812... which is 5,444,517,870,735,015,415,413,993,718,908,291,383,296 seed combinations... as a MINIMUM. Also, not all combinations generate valid seeds.

So, the real question is...


Thank you very much. That number clarifies the luck to get hack on own seed Smiley
aleksej996
Sr. Member
****
Offline Offline

Activity: 490
Merit: 389


Do not trust the government


View Profile
September 06, 2017, 01:49:52 PM
 #6

There are 2048 words in the English BIP39 wordlist... most wallets generate at least a 12 word seed... some use as many as 24 words...

this means that there are effectively 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 * 2048 combinations... That is 204812... which is 5,444,517,870,735,015,415,413,993,718,908,291,383,296 seed combinations... as a MINIMUM. Also, not all combinations generate valid seeds.

So, the real question is...



So the point is that every word has a security of 11 bits. If the last one is a checksum then with 12 words you get 121 bits of security. Of course, due to a birthday attack, the chance of a collision is around 50% at a square root of generated addresses, which is around 61 bits. 61 bits is 2 quintillion (18 zeros).
There is around 7 billion people on Earth, so if everyone generates like 350 million addresses, there will be 50% chance of a collision.
Zocadas (OP)
Hero Member
*****
Offline Offline

Activity: 909
Merit: 508


View Profile
September 06, 2017, 03:23:36 PM
 #7

So brain wallet would be the safest to get not hacked?
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
September 06, 2017, 03:39:49 PM
 #8

So brain wallet would be the safest to get not hacked?
No. The human brain naturally loves to have short cuts in remembering stuff. If you generate a brainwallet using a passphrase, it is very possible that the passphrase is weak and it can easily be cracked. This is true even if the brainwallet you generate uses an algorithm that takes more time to derive.

The safest way to not get hacked is just to create a wallet like everyone else.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
btcdevil
Legendary
*
Offline Offline

Activity: 1302
Merit: 1027


View Profile
September 06, 2017, 04:47:33 PM
 #9

So brain wallet would be the safest to get not hacked?
No. The human brain naturally loves to have short cuts in remembering stuff. If you generate a brainwallet using a passphrase, it is very possible that the passphrase is weak and it can easily be cracked. This is true even if the brainwallet you generate uses an algorithm that takes more time to derive.

The safest way to not get hacked is just to create a wallet like everyone else.

What you said is true that brain wallet is not the safest but the seed key generated through software is the best option and what OP wanted to is not possible only 1 % chance in 100 and i think OP is lucky Smiley
Zocadas (OP)
Hero Member
*****
Offline Offline

Activity: 909
Merit: 508


View Profile
September 06, 2017, 10:32:52 PM
 #10

So brain wallet would be the safest to get not hacked?
No. The human brain naturally loves to have short cuts in remembering stuff. If you generate a brainwallet using a passphrase, it is very possible that the passphrase is weak and it can easily be cracked. This is true even if the brainwallet you generate uses an algorithm that takes more time to derive.

The safest way to not get hacked is just to create a wallet like everyone else.

What you said is true that brain wallet is not the safest but the seed key generated through software is the best option and what OP wanted to is not possible only 1 % chance in 100 and i think OP is lucky Smiley
But if I would remember the seed, then it would be the safest way to store the key, right?
What do you mean with 1% in 100?
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!