2

How much time would it take to brute force a seed that we know all of its words but also that is completely shuffled? I ask this because the old Trezor model asks for seed in a shuffled way but still all the words can be seen. So if a malicious software would intercept all the words, in what time could the adversary crack the key?

Anonymous
  • 45
  • 4

1 Answers1

2

This depends a little bit if all words are independent. If yes the will be 24! = 620.448.401.733.239.439.360.000 permutations of the words. Assuming that you computer can check 1 billion permutations per second (which is is way too optimistic as this would assume that a signature / public key could be computed within one clock cycle which he can't) this would mean that your computer still would need 620.448.401.733.239 seconds which is 19674289 (19.6 million) years as the absolut minor / lower bound. This estimation however does not take into account technological breakthroughs in computing hardware which could very well happen in that time frame (:

Rene Pickhardt
  • 11,825
  • 8
  • 36
  • Sorry but wouldn't this be a vast over estimation? Assuming the checksum alone is possible in every combination (divide by 16) but every combination cant have a valid checksum with the given word list (I dont think?) Unsure how to calculate lol. – MaxSan Feb 22 '21 at 22:54
  • before checksum computation you would still have to generate each permutation. so if I estimate checksum check with one clock cycle or also add the signature / pubkey computation doesn't make too much of a difference (in my opinion) I think the point is that it is not feasible to brute force this. – Rene Pickhardt Feb 22 '21 at 23:10
  • How about if I have the wallet address?

    Also, if we account that we can use the checksum hack to further reduce the keyspace by 256?

    We would have !24 possibilities \ 256 **minus any improvement gained from having the wallet?

    Just brainstorming.

     – avia Mar 27 '24 at 18:27