What I have in mind is in my latest reply (difficult to have some kind of fluent discussions on this list given the moderation and delayed posts).

I would just add that the derivation method (indeed something like what you are sketching below) should estimate that there is enough entropy from the secret, if not just throw.

On Wed, Jan 2, 2019 at 3:40 AM Alan Evans via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
I think any method that doesn't use real entropy, but some fake source of randomness, such as a book, is asking to be hacked and so is not a reasonable idea.
If an algorithm for book text to BIP39 sentence ever became well used, common books will be systematically searched for accounts. People will also choose their favourite passages, so I would expect to see collisions.
I tend to have this conversation a lot ;) I'm not sure what Aymeric has in mind, but my suggestions are for use by the small few who properly understand how these things work. I am not suggesting blockchain.info require every user to choose a book passage to use as their backup phrase!
There are so many small things that could be done to make a text input unique. Choose the X number of words from the start of the Nth sentence. Replace all punctuation with exclamation points. Combine two sentences from different pages. It would be nigh impossible to brute force any of these, and would require hints/instructions from the owner to recover.
But I admit if this is not intended for standardization, discussing it on this mailing list is probably unwarranted.
--
Move your coins by yourself (browser version): https://peersm.com/wallet
Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions
Zcash wallets made simple: https://github.com/Ayms/zcash-wallets
Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets
Get the torrent dynamic blocklist: http://peersm.com/getblocklist
Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
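
The check discussed in this thread (estimate the secret's entropy and throw if it is too low), as an added Python example that is not code from any of the posters: it counts entropy from the process used to pick the secret rather than from the text itself. The option counts, the 128-bit threshold, the salt and the PBKDF2 parameters are all assumptions chosen for illustration.

```python
import hashlib
import math

MIN_BITS = 128  # assumed threshold: the entropy behind a 12-word BIP39 sentence


class LowEntropyError(ValueError):
    """The declared selection process leaves too small a search space."""


def selection_bits(choices):
    """Entropy in bits of a process built from independent, uniform choices.

    `choices` maps a step label to the number of equally likely options at
    that step. This is an upper bound: favourite books and passages are not
    picked uniformly, so the real figure is lower.
    """
    for label, n in choices.items():
        if n < 1:
            raise ValueError(f"{label}: option count must be >= 1")
    return sum(math.log2(n) for n in choices.values())


def derive_seed(secret, choices, salt=b"example-salt", min_bits=MIN_BITS):
    """Derive a 32-byte seed, or throw if the estimated entropy is too low."""
    bits = selection_bits(choices)
    if bits < min_bits:
        raise LowEntropyError(f"{bits:.1f} bits estimated, {min_bits} required")
    # Key stretching makes each guess slower; it does not add entropy.
    return hashlib.pbkdf2_hmac("sha512", secret.encode("utf-8"), salt,
                               100_000, dklen=32)


# Constructed figures for a book-passage scheme (assumptions, not measurements).
BOOK_PASSAGE = {
    "book": 1_000_000,
    "sentence within the book": 10_000,
    "number of words X taken": 20,
    "punctuation or combination tweak": 100,
}
# Twelve words drawn uniformly at random from a 2048-word list.
RANDOM_WORDS = {f"word {i}": 2048 for i in range(1, 13)}

if __name__ == "__main__":
    for name, model in (("book passage", BOOK_PASSAGE), ("random words", RANDOM_WORDS)):
        print(f"{name}: {selection_bits(model):.1f} bits")
```
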