Do passphrases protect against leaks or compromises of mnemonic seed words? Why are brain wallets usually insecure? Why should you not “roll your own …
31 Comments
thanks for great content.
So are 12 word seeds not sufficiently safe…?
Any thoughts on BC VAULT wallet? Thx👍
Thanks for the video!
bcrypt was designed to be slow such that a hacker must wait a long time to decrypt and thus makes a hack even much less profitable over billions of iterations.
10:55 "erased it from the web" ha ha ha ha ha ha ha!
I disagree with Andreas here. If the passphrase is cryptographically strong, i.e. 128 to 256 bits of entropy, then publishing the seed does not compromise the security. A 256 bits of entropy seed plus a 256 bits of entropy passphrase yields you 512 bits of entropy. Giving up 256 bits (the seed) leaves you with 256 bits (the passphrase) and you're still good. In other words: A published 24-seed + 256 bits passphrase is equal to a 24-seed without a passphrase. Both have 256 bits of entropy.
Ideally, one would use a 24-word-seed and a differently created 128+ bits passphrase (like a 12+ word diceware passphrase) and of course keep both secure and offline. The advantage is, should it turn out that the RNG of the hardware used was weak, you at least have the entropy of the passphrase, which is enough if it's 128+ bits.
Also: @8:20
128 bits of entropy is also unbruteforceable. In practical terms, there's no security difference between 256 and 128 bits of entropy, even less when key stretching is applied. Most wallets use a 12 word seed, which equals "only" 128 bits of entropy, anyway.
Change my mind.
PS: But that being said: don't fucking invent your own crypto.
11:40 how to
But half a seed representing 128 bits is still more than enough, isn't it?
You just said, seeds are 12 to 24 words. So half of a 24 word should still be plenty secure?
It's curious because at Honeybadger 2018 the Trezor dev said the same thing so you are probably correct. But why?
Can you tell me, let's say I keep my 24 word key secure and add a word for my passphrase. How secure would that second wallet be? Assuming they don't assume a 25th passphrase and they don't have the 24 word seed?
WRONG – many wallets use 12 seed-words, like Trezor T, so I wonder why AA *really* tried to emphasize that???…
12:50 password different from seed
Hi Andreas! Can you please cover the current bug report:
https://bitcoincore.org/en/2018/09/20/notice/
It's hard to understand what this actually means today.
Does this bug mean that today some malicious miner that didn't update can print new bitcoin?
Secondly, if someone does create more bitcoin than is supposed to be made… is there a way to tell that it's in the system?
Love the foreground and background. Much nicer to watch.
Using quantum grammar in your titles!? Nice touch, A 😉
"Your money's gone…" LOL. "Don't roll your own crypto"
Andreas are there any hardware wallets you would recommend?
The channel named Crypo's Price Forecast mirrors your content and monetizes it by selling ads.
Can you steelman Bitcoin Cash then explain why it's either: a scam, an attack or otherwise illegitimate or inferior to Bitcoin?
I used Shamir's Secret Sharing to cut my seed into a 3 of 5 that is distributed in different locations. What is your opinion on that?
You are the dagger, Andreas
So does this mean that using the 12 word seed with the Trezor Model T is significantly less secure than a Trezor One with a 24-word seed? The Model T only allows for generating a 12 word seed (via GUI) so it would seem Trezor's new product is a bad purchase unless you have an existing 24-word seed you can input? If I have a Ledger Nano S should I just generate the seed on there and then input that into the Trezor Model T, or is that not advisable in case Ledger has an unknown vulnerability, which would essentially make it like putting all your eggs in one basket?
Ledgers do not have passphrases…hmmm…
Andreas, I like the laid back camera angle. Nice
Thank you Andreas…..
watched liked & shared = true
Greetings from Africa Kenya
So far no trolling the new set up. 👏🏼
What about the BitFi wallet? How to store or protect funds that need to be used regularly for trading, etc.!?