From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 633B6C002D for ; Fri, 8 Jul 2022 14:09:22 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 3AAB5425C9 for ; Fri, 8 Jul 2022 14:09:22 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 3AAB5425C9 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=AFWmlMMk X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ANgREO7GeYwd for ; Fri, 8 Jul 2022 14:09:21 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 3B7E0425C8 Received: from mail-pl1-x62e.google.com (mail-pl1-x62e.google.com [IPv6:2607:f8b0:4864:20::62e]) by smtp4.osuosl.org (Postfix) with ESMTPS id 3B7E0425C8 for ; Fri, 8 Jul 2022 14:09:21 +0000 (UTC) Received: by mail-pl1-x62e.google.com with SMTP id q5so819058plr.11 for ; Fri, 08 Jul 2022 07:09:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vyGmUUV8fXNXjitiYEebumtFeETIvTrsp5FsJ4ARCPk=; b=AFWmlMMkB1lWNUgSOmW5ebvwhWWrU6ULtEyh8CqUd8GJyUMoA5EZjttk++oClV/4HF MnzJnaH+5/CTt07PDVp/QEPcFBZa8qZ9RVsY51Jyqf/zTQ+e28FyWGwP5lfCn9xI/K3w M6AQk0UVqxGr3PjqO7uNjX2Adf2UTdwNI6DUhf+yo+c+stdWoChuHsCQitLd8+PWn4sf Gik8nz/wQHn/M59t7SgTlz0bZ0QKWtOjy7n4W9zU6OEoIavqwSGH0Z1Etc7nd433Xw8V Nb1+zWw5ooKOKr4OX7byIpH/U0auSSL6sO11DVdmoEUkY2lXWbc6jdoJO7BuQz9O3Hf6 plMQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vyGmUUV8fXNXjitiYEebumtFeETIvTrsp5FsJ4ARCPk=; b=AXkRJxjnHn5Qmw31tMbmHSifC+SY09ocl58pLJlZsyxfKgzIsjArvIwD6R9/0e3Gjx 7i5JXNq1TLJCwjCU3ipyle8rJivYixYV0J+QZ3MSQ8aw/4PCOxsipnxbBsfAQhNQFpT4 2VIRVE5A5ptxd7LOVqKhfb0DEaqikqNbIysCtLyJQc+76KXoyDSu9bn4NjSLSlwG6lXh zxWGyukezNzyLIYO94DSKpYWW2W0DelJ5Xcr8rYScEaQVkJWDnfzcZ+cHNL7w/p2RdQX XC8yVTjPQSngOVu5Y/H9TXqfB5iJpIbD5/GfTTHekHcjSIGK/t6adsJCcInJ+5kdKbqy LKIQ== X-Gm-Message-State: AJIora9iXFhi0sIYhZM4MYNQmeIU14po774QbD+YiKv0cGWkiHGC+GEW HvSAKF+fwmCMVKPICRiZQMi9p8m8/yZQdhU2ug8= X-Google-Smtp-Source: AGRyM1vJrAU8NhOVkMe6BGAzFL0dLwRN/fzvJ8CaCM0okLpiYMI2efZUMihwh4feiW4Nx3UaJ2UEpgL4HI8GIf4MEgY= X-Received: by 2002:a17:90a:f2d7:b0:1ef:8859:d61 with SMTP id gt23-20020a17090af2d700b001ef88590d61mr12267883pjb.215.1657289360559; Fri, 08 Jul 2022 07:09:20 -0700 (PDT) MIME-Version: 1.0 References: <3D3BFE9C-CFF3-49FF-840F-063B52C69A42@voskuil.org> <164256450-0ee6752f92c0be297952fc72b59076df@pmq5v.m5r2.onet> In-Reply-To: From: James MacWhyte Date: Fri, 8 Jul 2022 16:08:54 +0200 Message-ID: To: Paul Sztorc , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000a051bb05e34bbfd0" Subject: Re: [bitcoin-dev] No Order Mnemonic X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2022 14:09:22 -0000 --000000000000a051bb05e34bbfd0 Content-Type: text/plain; charset="UTF-8" > What do you do if the "first" word (of 12), happens to be the last word in > the list alphabetically? > That couldn't happen. If one word is the very last from the wordlist, it would end up at the end of your mnemonic once you rearrange your 12 words alphabetically. However! (@vjudeu) Choosing 11 random words and then sorting them alphabetically before assigning a checksum would reduce entropy considerably. If you think about it, to bruteforce the entire keyspace one would only need to come up with every possible combination of 11 words + 1 checksum. I'm not the best at napkin math, but I think that leaves you with around 10 trillion combinations, which would only take a couple months to exhaust with hardware that can do 1 million guesses per second. James --000000000000a051bb05e34bbfd0 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

What do you= do if the "first" word (of 12), happens to be the last word in t= he list alphabetically?

That couldn&#= 39;t happen. If one word is the very last from the wordlist, it would end u= p at the end of your mnemonic=C2=A0once you rearrange your 12 words alphabe= tically.

However!=C2=A0

(@vjudeu) Choosing 11 random w= ords and then sorting them alphabetically before assigning=C2=A0a checksum = would reduce entropy considerably. If you think about it, to bruteforce the= entire keyspace one would only need to come up with every possible combina= tion of 11 words=C2=A0+ 1 checksum. I'm not the best at napkin math, bu= t I think that leaves you with around=C2=A010 trillion combinations, which = would only take a couple months to exhaust with hardware that can do 1 mill= ion guesses per second.

James
--000000000000a051bb05e34bbfd0--