On Tue, Jan 21, 2014 at 01:00:43AM +0100, Thomas Voegtlin wrote: > Hi slush, > > Thank you for your new proposal; it seems to be a compromise. > > @Christophe Biocca: > If the wordlist becomes part of the standard, then we will run into > problems of collisions once users ask for wordlists in every language. > > IMO the right approach is to implement checksums that do not depend > on the wordlist (eg the 'brute force' method, Hash(mnemonic||1) mod > 2^k == 0 ) > this would also allow us to implement sipa's variable stretching proposal. > > I understand this is not possible because of the computational > requirements of devices such as trezor.
Is it? Surely the trezor can bruteforce, say, 8 bits == 0. How many SHA256/sec can the trezor hardware do? Generating your seed is a one-time thing after all - that taking 10-30s doesn't seem like a big deal to me. Even a 1/256th "checksum" will really cut down on the number of mistakes made and money lost. -- 'peter'[:-1]@petertodd.org 0000000000000001d8b9d438c18e856735ddae5b1d918416010350d19794aab6
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
