On Tue, Jan 21, 2014 at 01:00:43AM +0100, Thomas Voegtlin wrote:
> Hi slush,
> 
> Thank you for your new proposal; it seems to be a compromise.
> 
> @Christophe Biocca:
> If the wordlist becomes part of the standard, then we will run into
> problems of collisions once users ask for wordlists in every language.
> 
> IMO the right approach is to implement checksums that do not depend
> on the wordlist (eg the 'brute force' method, Hash(mnemonic||1) mod
> 2^k == 0 )
> this would also allow us to implement sipa's variable stretching proposal.
> 
> I understand this is not possible because of the computational
> requirements of devices such as trezor.

Is it? Surely the trezor can bruteforce, say, 8 bits == 0. How many
SHA256/sec can the trezor hardware do? Generating your seed is a
one-time thing after all - that taking 10-30s doesn't seem like a big
deal to me.

Even a 1/256th "checksum" will really cut down on the number of mistakes
made and money lost.

-- 
'peter'[:-1]@petertodd.org
0000000000000001d8b9d438c18e856735ddae5b1d918416010350d19794aab6

Attachment: signature.asc
Description: Digital signature

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Reply via email to