[bitcoin-dev] BIP proposal: derived mnemonics
hoenicke at gmail.com
Wed Jul 27 10:39:36 UTC 2016
Jonas Schnelli via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
schrieb am Di., 26. Juli 2016 um 22:10 Uhr:
> Side-note: Bip39 does still use PBKDF2 with 2048 iterations which I
> personally consider "not enough" to protect a serious amount of funds.
But what are the alternatives? Put an expensive processor and a decent
amount of memory in every hardware wallet to support scrypt? Use a million
iterations and just wait 10 minutes after entering you passphrase? Or
compute the secret key on your online computer instead?
Also, how many iterations are secure? A million? Then just add two random
lower-case letters to the end of your passphrase and you have a better
protection with 2048 iterations. If you want to be able to use your
passphrase with cheap hardware and be protected against a high-end computer
with multiple GPUs that is almost a mllion times faster, then you have to
choose a good passphrase. Or just make sure nobody steals your seed; it is
not a brainwallet that is only protected by the passphrase after all.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bitcoin-dev