From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 9685A1060 for ; Tue, 9 Jan 2018 12:45:08 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-lf0-f65.google.com (mail-lf0-f65.google.com [209.85.215.65]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5CCB8A3 for ; Tue, 9 Jan 2018 12:45:07 +0000 (UTC) Received: by mail-lf0-f65.google.com with SMTP id z124so5365856lfd.10 for ; Tue, 09 Jan 2018 04:45:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=yW8Rs/Vv2rGOaAjd81NpUbmR4gW3lBTg6ahJfNekq58=; b=fuhQpgXkOs1mnQtJe2SE0h15DyH5lRflgNezv1v2JiuuJEet6cBnpPR6fbn3Ny21VM /hIvCMRDfh4/eL+KXQaMMd8I2MefXSsiVvotJ6N4cPpzUTU/2JkNMP82LfktT7sT3ory EQM5+hStnTYtaYOxnfRtgPHsXsIQTdDPKqYb3Qz/sm/ozp6+/VUDJvDNT6/bJBoNke/+ flyFqtk74fczQK6ItyhM5cG0/XEZwEu62jSFCaPL867AgC8IRCx8tWk5KWRWENITvlZC VOXEZ7xYV5YBzdzv/RBf65TfmZF+bpTHXJ5lmVLppBGdFu0XYy7ZhbBXhzQWWmQ2VXxV ahug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=yW8Rs/Vv2rGOaAjd81NpUbmR4gW3lBTg6ahJfNekq58=; b=iPLzmIvsT4Af9F8uQW0JqPpVNdP0pQJh4pUxT5E7F2EpdUFlTm4a/5R9NsV19p8uX+ kaCm7WoTQuwOpGTipERxjYFO/jIAJHa4Llz1SFIdDZBbG2u438CoKxRIVUVeC3ILAy0A gqrH8eJmSIw2S+rIoaRpJYXEwl03GqrLGWCs0sjlh/9m3TLurHOsgmzVqAmrMxZ5jOH+ yCULlS5FRaHgVmIVpOw4w8VnYXLmOr9pL/6XPdpMk6X/5kKiZRRTvO3rJq6mFYmgxD0y WqW+4MDteECA3NQn3UGTWydojC2dImpZJhPnsV70DTrqaaMhOFHA/wONUgNOpCu70l1l m2EQ== X-Gm-Message-State: AKGB3mL3ufXeGYQOvTaS0cGYGgNSraebhXafwG56oKiav43TvspAaOXM gW+9IoKxbz5dvNOWHk9k2DsQC5FH X-Google-Smtp-Source: ACJfBosQZhbPHwiVCayIUpM06kSF1zoIaGN6cPdIaq00qY1u45wfWfHlPE0dBxmUborSyPz1dkW38g== X-Received: by 10.46.8.89 with SMTP id g25mr8897760ljd.6.1515501905796; Tue, 09 Jan 2018 04:45:05 -0800 (PST) Received: from [10.101.2.87] ([176.12.107.140]) by smtp.gmail.com with ESMTPSA id a71sm2844390ljf.6.2018.01.09.04.45.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 09 Jan 2018 04:45:05 -0800 (PST) To: Peter Todd , Bitcoin Protocol Discussion , Rhavar References: <20180109011335.GA22039@savin.petertodd.org> From: jens Message-ID: <29ef320d-e758-e00b-1be2-c1eae43de167@gmail.com> Date: Tue, 9 Jan 2018 12:44:56 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180109011335.GA22039@savin.petertodd.org> Content-Type: multipart/alternative; boundary="------------9002E91FDADF57706D05E192" Content-Language: en-US X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Tue, 09 Jan 2018 15:11:47 +0000 Subject: Re: [bitcoin-dev] Satoshilabs secret shared private key scheme X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Jan 2018 12:45:08 -0000 This is a multi-part message in MIME format. --------------9002E91FDADF57706D05E192 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit > Trezor's "plausible deniability" scheme could very well result in you going to > jail for lying to border security, because it's so easy for them to simply > brute force alternate passwords based on your seeds. With that, they have proof > that you lied to customs, a serious offense. The passphrase scheme as I understand it allows a maximum of 50 characters to be used.  Surely even with the HD seed, that search space is too large to brute force.  Or is there a weakness in the scheme I haven't clocked? On 09/01/18 01:13, Peter Todd via bitcoin-dev wrote: > On Mon, Jan 08, 2018 at 07:40:38PM -0500, Rhavar via bitcoin-dev wrote: >> I think you're under-appreciating how useful the "plausible deniability". Someone I know was (solo) traveling to the United States when a border agent asked her to unlocked her phone; thumbed through her apps, ended up finding tinder and went through all her recent conversations to make sure she wasn't involved in any "pay for sex things". >> >> In the same light, I travel frequently and constantly have my trezor on me. If I am asked to unlock it, I will have no problems doing so (as refusal will no doubt lead to deportation) and showing my personal wallet (which sadly hasn't had much use since fees became ridiculous). > Trezor's "plausible deniability" scheme could very well result in you going to > jail for lying to border security, because it's so easy for them to simply > brute force alternate passwords based on your seeds. With that, they have proof > that you lied to customs, a serious offense. > > I would strongly advise you not to use it in that situation. > > > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev --------------9002E91FDADF57706D05E192 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit


Trezor's "plausible deniability" scheme could very well result in you going to
jail for lying to border security, because it's so easy for them to simply
brute force alternate passwords based on your seeds. With that, they have proof
that you lied to customs, a serious offense.
The passphrase scheme as I understand it allows a maximum of 50 characters to be used.  Surely even with the HD seed, that search space is too large to brute force.  Or is there a weakness in the scheme I haven't clocked?

On 09/01/18 01:13, Peter Todd via bitcoin-dev wrote:
On Mon, Jan 08, 2018 at 07:40:38PM -0500, Rhavar via bitcoin-dev wrote:
I think you're under-appreciating how useful the "plausible deniability". Someone I know was (solo) traveling to the United States when a border agent asked her to unlocked her phone; thumbed through her apps, ended up finding tinder and went through all her recent conversations to make sure she wasn't involved in any "pay for sex things".

In the same light, I travel frequently and constantly have my trezor on me. If I am asked to unlock it, I will have no problems doing so (as refusal will no doubt lead to deportation) and showing my personal wallet (which sadly hasn't had much use since fees became ridiculous).
Trezor's "plausible deniability" scheme could very well result in you going to
jail for lying to border security, because it's so easy for them to simply
brute force alternate passwords based on your seeds. With that, they have proof
that you lied to customs, a serious offense.

I would strongly advise you not to use it in that situation.



_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

--------------9002E91FDADF57706D05E192--