From: Pieter Wuille <pieter.wuille@gmail•com>
To: slush <slush@centrum•cz>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] BIP0039 Mnemonic code for generating deterministic keys
Date: Thu, 24 Oct 2013 21:23:51 +0200 [thread overview]
Message-ID: <CAPg+sBjFAJrDx=dzU3nWCiaUBEiD5fZ2B1aMHGgT1gE402N0Kg@mail.gmail.com> (raw)
In-Reply-To: <CAJna-HiE8YgKOuAHubRKbJYQviMz8Ws9E+eMDwcgV1pWpDBijg@mail.gmail.com>
This is probably too late in the discussion, and I certainly don't
want to derail any standard being formed. But if it is controversial,
I want to offer my own suggestion.
This is a proposal I wrote a year ago, but never spent enough work to
push it as a standard:
https://bitcointalk.org/index.php?topic=102349.0
It needs some work, but I believe it may be a base for a superior
system than what is being proposed here. As the scheme linked above
has built-in configurable difficulty and checksums, the word set being
used doesn't need to function for checking anymore. You could use any
dictionary/language/text generator, and feed it into the system - the
software on the other side doesn't need to use the same dictionary.
The disadvantage is of course that it cannot encode arbitrary data -
it can only be used to generate a random seed. It does have some
theoretical advantages, though (see link).
--
Pieter
On Thu, Oct 24, 2013 at 8:26 PM, slush <slush@centrum•cz> wrote:
> We've reflected many comments about BIP39 wordlist from the community and I
> think the wordlist is much better now. Specifically we removed many of
> theoretically offensive words as well as we implemented algorithm for
> detecting words with similar characters (cat/eat) and we resolved these
> duplicities. I'm now quite happy with the wordlist and I want to ask you for
> next (final?) round of comments.
>
> From other features, we added password protection of seed and seed hardening
> (against bruteforcing) using Rijndael cipher. This has been chosen because
> its blocksize can be 128, 192 or 256 bits, so it fits length of desired
> seeds. Also there are Rijndael implementations in every language. Btw
> password protection has one interesting feature - plausible deniability. It
> allows user to have one mnemonic and by using it with different passwords,
> it will generate different BIP32 wallets.... (wink wink)
>
> I want to be pretty clear that we need to close this topic somehow, because
> we want to use such algorithm in Trezor (which deadline is coming quick) and
> also other wallet developers want to implement such algorithm into clients
> to be compatible with Trezor. There were quite strict requirements for such
> algorithm (like the possibility to convert mnemonic to seed as well as seed
> to mnemonic) and I think we found a good solution. I'm wildly asking you for
> constructive comments, but saying "it's a crap, I don't like it" won't help
> anything.
>
> Thanks,
> slush
>
>
> On Thu, Sep 12, 2013 at 6:02 PM, Matthew Mitchell
> <matthewmitchell@godofgod•co.uk> wrote:
>>
>> I removed some more but I haven't added enough back in. It was taking far
>> longer than expected so I gave up, but maybe someone else can try to add
>> some more:
>>
>>
>> https://github.com/MatthewLM/python-mnemonic/blob/master/mnemonic/wordlist/english.txt
>>
>> On 12 Sep 2013, at 13:11, Pavol Rusnak <stick@gk2•sk> wrote:
>>
>> > On 10/09/13 23:03, Matthew Mitchell wrote:
>> >> Maybe it would have been better without the aggressive words?
>> >
>> > I revisited the wordlist and replaced around 67 words that can be
>> > found offensive in some context.
>> >
>> > --
>> > Best Regards / S pozdravom,
>> >
>> > Pavol Rusnak <stick@gk2•sk>
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > How ServiceNow helps IT people transform IT departments:
>> > 1. Consolidate legacy IT systems to a single system of record for IT
>> > 2. Standardize and globalize service processes across IT
>> > 3. Implement zero-touch automation to replace manual, redundant tasks
>> >
>> > http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
>> > _______________________________________________
>> > Bitcoin-development mailing list
>> > Bitcoin-development@lists•sourceforge.net
>> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>>
>> ------------------------------------------------------------------------------
>> How ServiceNow helps IT people transform IT departments:
>> 1. Consolidate legacy IT systems to a single system of record for IT
>> 2. Standardize and globalize service processes across IT
>> 3. Implement zero-touch automation to replace manual, redundant tasks
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists•sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>
>
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most
> from
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
next prev parent reply other threads:[~2013-10-24 19:23 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-10 16:44 slush
2013-09-10 17:36 ` Andreas M. Antonopoulos
2013-09-10 20:40 ` Matthew Mitchell
2013-09-10 20:50 ` slush
2013-09-10 21:03 ` Matthew Mitchell
2013-09-10 21:34 ` Pavol Rusnak
2013-09-10 22:08 ` Gregory Maxwell
2013-09-10 22:35 ` Mark Friedenbach
2013-09-10 22:43 ` Gregory Maxwell
2013-09-11 12:49 ` Andreas Petersson
2013-09-12 12:09 ` Pavol Rusnak
2013-09-10 22:47 ` slush
2013-09-12 12:11 ` Pavol Rusnak
2013-09-12 16:02 ` Matthew Mitchell
2013-10-24 18:26 ` slush
2013-10-24 19:23 ` Pieter Wuille [this message]
2013-10-24 19:46 ` slush
2013-10-24 19:32 ` Jorge Timón
2013-10-24 19:37 ` slush
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPg+sBjFAJrDx=dzU3nWCiaUBEiD5fZ2B1aMHGgT1gE402N0Kg@mail.gmail.com' \
--to=pieter.wuille@gmail$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=slush@centrum$(echo .)cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox