|
virginorange (OP)
|
 |
July 10, 2023, 11:21:20 AM |
|
I would like to take 12 Bitcoin seed words and deterministically derive a PGP private public key pair
How can I do do this? I'd like to have a tool, which I can then use on a Tails OS not connected to the internet.
Background
I want to use BIP 85 to dervie all my important secrets including wallets and passwords.
BIP 85 takes your Bitcoin seed and dervies seeds for child wallets.
It is easy to dervie the child wallet seed from the parent wallet seed. However you can't realisticly dervive the parent seed from the child seed.
I use the parent seed for my cold storage and the child seed for my mobile wallet.
As a result I only have to back up one seed for two wallets.
|
Sicherheit für deine Familie, dich und deine BTC, dank der fundierten Sicherheits-Tipps der KryptoArche. Wir kaufen Bitcoin zum Vermögensaufbau oder zur Krisenvorsorge. Wir kaufen Bitcoin dezentral als Schutz vor Räubern, mit guter Historie und verwahren unsere Bitcoin sicher vor Verlust, Räubern und Dieben sowie versteckt Wir nutzen sichere Passwörter, Betriebssysteme, Software und sufen sicher. Sicher dir deinen kostenlosen Platz auf der KryptoArche! Die Zeit läuft ab! Steig ein, bevor es zu spät ist! Gemeinsam bleiben wir immer über Wasser!
|
|
|
|
|
|
|
|
|
|
The Bitcoin software, network, and concept is called "Bitcoin" with a capitalized "B". Bitcoin currency units are called "bitcoins" with a lowercase "b" -- this is often abbreviated BTC.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
BitMaxz
Legendary
 Offline
Activity: 3248
Merit: 2965
Block halving is coming.
|
 |
July 10, 2023, 12:11:43 PM |
|
Are you planning to encrypt the backup 12 words seed using the PGP tool? Tails OS already has a PGP tool where you can encrypt your backup seed? I would suggest check this video on how to encrypt a message or just paste your backup seed inside to encrypt using the PGP tool. Does it look like you are using a coldcard wallet that supports BIP85? |
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
Found this one for reference: https://github.com/jeffreybolle/deterministic-pgp-keys. You can build on your own to be used on Tails. Though, I don't know if it supports BIP 85, since it solely uses BIP39 for the seed generation/recovery. Do note that I just search around about your use case and found that repo. So I did know further about how secure is it. |
|
|
|
|
|
virginorange (OP)
|
|
July 10, 2023, 05:39:57 PM |
|
Thanks a lot, I will take a look at it. Though, I don't know if it supports BIP 85, since it solely uses BIP39 for the seed generation/recovery.
I use a hardware wallet do derive the child seeds. I don't need BIP 85 support to go from the child seed to a PGP key pair. Do note that I just search around about your use case and found that repo. So I did know further about how secure is it.
Maybe somebody more experienced on Bitcointalk has an answer here? |
Sicherheit für deine Familie, dich und deine BTC, dank der fundierten Sicherheits-Tipps der KryptoArche. Wir kaufen Bitcoin zum Vermögensaufbau oder zur Krisenvorsorge. Wir kaufen Bitcoin dezentral als Schutz vor Räubern, mit guter Historie und verwahren unsere Bitcoin sicher vor Verlust, Räubern und Dieben sowie versteckt Wir nutzen sichere Passwörter, Betriebssysteme, Software und sufen sicher. Sicher dir deinen kostenlosen Platz auf der KryptoArche! Die Zeit läuft ab! Steig ein, bevor es zu spät ist! Gemeinsam bleiben wir immer über Wasser!
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2968
Merit: 2145
|
|
July 11, 2023, 12:03:33 AM |
|
This is probably not a good idea, because the space of possible seeds is 2^132 if you have 12 word seeds with 2048 possible words, while RSA uses 2048 or 4096-bit keys. You can only map 1 seed to 1 key deterministically, so if your algorithm is known to attacker, their attack against your RSA key will be more optimized than against a truly random key.
|
|
|
|
|
virginorange (OP)
|
|
July 11, 2023, 06:48:40 PM |
|
This is probably not a good idea, because the space of possible seeds is 2^132 if you have 12 word seeds with 2048 possible words, while RSA uses 2048 or 4096-bit keys. You can only map 1 seed to 1 key deterministically, so if your algorithm is known to attacker, their attack against your RSA key will be more optimized than against a truly random key.
Good point 12 seed words would have 2^128 entropy 24 seed words would have 2^256 entropy RSA has 2^2048 entropy RSA would be more secure than Bitcoin seed words However Bitcoin seed words, which secure vast amount of wealth, are difficult enough to brute force. Shouldn’t 256 bits of entropy (even 128 bits) be enough to derive a secure enough RSA key pair, secure enough for encrypting emails? |
Sicherheit für deine Familie, dich und deine BTC, dank der fundierten Sicherheits-Tipps der KryptoArche. Wir kaufen Bitcoin zum Vermögensaufbau oder zur Krisenvorsorge. Wir kaufen Bitcoin dezentral als Schutz vor Räubern, mit guter Historie und verwahren unsere Bitcoin sicher vor Verlust, Räubern und Dieben sowie versteckt Wir nutzen sichere Passwörter, Betriebssysteme, Software und sufen sicher. Sicher dir deinen kostenlosen Platz auf der KryptoArche! Die Zeit läuft ab! Steig ein, bevor es zu spät ist! Gemeinsam bleiben wir immer über Wasser!
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2968
Merit: 2145
|
However Bitcoin seed words, which secure vast amount of wealth, are difficult enough to brute force.
Shouldn’t 256 bits of entropy (even 128 bits) be enough to derive a secure enough RSA key pair, secure enough for encrypting emails?
RSA Factoring ChallengeRSA works with larger keys, like 2048 bits, because 128 or 256 bits are no longer secure for RSA, while still being secure for elliptic curves. The seed-derived numbers might be 2048 bit long, but the possible space will be only 2^136, so there's a possibility for optimization of the prime factorization algorithm. I think that on practice you'll be relatively safe, because cracking such system would still require knowledge and effort, so if you don't have powerful enemies, your RSA keys probably won't be cracked. But it's better to always practice strong security and never grow overconfident. |
|
|
|
|
virginorange (OP)
|
|
July 12, 2023, 02:24:11 AM |
|
RSA works with larger keys, like 2048 bits, because 128 or 256 bits are no longer secure for RSA, while still being secure for elliptic curves. The seed-derived numbers might be 2048 bit long, but the possible space will be only 2^136, so there's a possibility for optimization of the prime factorization algorithm.
If the possible space is 2^136, wouldn’t 2^256 Bitcoin seed be enough? You would need a sort of mapping. Maybe you could estimate there are X prime numbers lower than the number Y. The Bitcoin seed gives you X. You estimate Y. From Y you search the next prime number, which you can use for RSA. Would this work? |
Sicherheit für deine Familie, dich und deine BTC, dank der fundierten Sicherheits-Tipps der KryptoArche. Wir kaufen Bitcoin zum Vermögensaufbau oder zur Krisenvorsorge. Wir kaufen Bitcoin dezentral als Schutz vor Räubern, mit guter Historie und verwahren unsere Bitcoin sicher vor Verlust, Räubern und Dieben sowie versteckt Wir nutzen sichere Passwörter, Betriebssysteme, Software und sufen sicher. Sicher dir deinen kostenlosen Platz auf der KryptoArche! Die Zeit läuft ab! Steig ein, bevor es zu spät ist! Gemeinsam bleiben wir immer über Wasser!
|
|
|
|
