Why Are Mnemonic Phrase Based Private Keys Unhackable?
Rohan Pinto
Ξ CTO / Founder / 1Kosmos - BlockID / Security Architect / Blockchain / Identity Management Maven / Cryptography Geek / Investor / Author
First we need to understand what mnemonics are. A mnemonic is a system, such as a pattern of letters, ideas, or associations, that assists in remembering something. A mnemonic private key is a memory technique that uses a pre-defined, memorized formula to construct a password on the fly from context information the user has available.
Text passwords are frequently the main mechanism used to authenticate users of a networked system. Unfortunately, many passwords are easily guessed or cracked. In an attempt to strengthen passwords, some systems instruct users to create mnemonic-phrase-based passwords. A mnemonic password is one where a user picks a memorable phrase and uses a character to represent each word in the phrase.
Spelling and pronouncing the word mnemonics is actually challenging, yet this memory strategy is really here to make our lives simpler, and you'll be amazed how frequently you actually use it.
A mnemonic is essentially a technique that helps us learn and retain information through simpler routes than the original form. There are several different kinds of techniques, but they all have the same ultimate goal: to help us remember! The word mnemonics comes from the Ancient Greek word for memory, and was used a great deal in those days to remember everything from prose and poems to directions and geography; obviously they didn't have pencils in those days, let alone Sat Nav or PCs!
If you can remember your school days, you were inundated with so much information that you needed to develop ways to remember everything, and everybody had their own particular strategies, though some were more commonly used than others.
The most well-known mnemonics are those that help us remember the order of things by using the first letter of the items in an easy-to-recall phrase. For example, the order of the planets Mercury, Venus, Earth, Mars, Jupiter, Saturn, Uranus, Neptune and Pluto is easier to remember using these acronyms: My Very Easy Method Just Speeds Up Naming Planets, or My Very Educated Mother Just Served Us Nine Pizzas. Obviously these all predate Pluto being publicly embarrassed and demoted from planet status, but it's easy enough to drop the 'P'. There are also acronym mnemonics for remembering how to spell tricky words like RHYTHM: Rhythm Helps Your Two Hips Move, or tricks to remember the correct spelling of ACCOMMODATION: Two cots require two mattresses in any accommodation, and PRINCIPAL v PRINCIPLE: Your principal is your pal. My favourite mnemonic, which doesn't prove useful as often as I'd like, is a nautical one that (of course) involves alcoholic drinks: Is there any red port left? In that one little sentence we can now easily remember that in sailing terminology port is to the left, and red lights signify port; ahoy me hearties! If mnemonics are your thing and you want to learn more, look at a brilliant book called 'Moonwalking with Einstein', which examines how world memory champions can memorise two decks of cards in competition, as well as looking at other memory techniques; once you've read it you'll never need to write a shopping list again!
Since mnemonic phrases lend themselves to a rich set of transformations, giving examples of these transformations may help stimulate users' creativity. While mnemonic-phrase-based passwords may not be a panacea for the password selection problem, they do offer a user-friendly alternative for encouraging users to create good passwords.
Bruteforce a mnemonic phrase
Let's use the mnemonics used on the Bitcoin network as an example. If we take into consideration today's total hashrate of the whole Bitcoin network (https://blockchain.info/charts/hash-rate) and assume that the network could check mnemonic combinations at the same speed (which it actually cannot), the "guessing speed" will be ~35K PH/s, or ~3e4 * 1e15, or ~3e19 H/s. This means that every second the whole network would guess ~30’000’000’000’000’000’000 combinations.
For a standard Ethereum wallet with 12 mnemonic words there are (2048^12)/16 possible valid combinations, or ~3e38 combinations (12 words of 11 bits each carry 132 bits, of which 4 are a checksum, so only one in 16 word sequences is valid). If we divide the number of all combinations by the number of combinations guessed each second, we get that the whole Bitcoin network would need around 1e19 seconds to try all possible combinations.
1e19 seconds is ~1.6e17 minutes, or 2.7e15 hours, or 1.15e14 days, or 3.17e11 years. There we have it: the whole Bitcoin network would need ~317’000’000’000 YEARS to try all possible standard 12-word wallets.
12 word / seed mnemonic phrase based private keys
When you go to generate a private key, you usually generate a seed of at least 12 words (many wallets, including those discussed here, also allow 24 words to be used), but this set of words will be taken from a dictionary of varying size depending on the wallet software.
There are 2^256 possible private key combinations, or ~10^77.
The important thing to remember is that each reduction of the exponent by one (one less power of 10) means one tenth as many combinations. The following table shows the relative security of each dictionary compared to a purely randomly generated private key.
So let's estimate how long it would take someone to correctly guess just ONE of these users' private keys. The probability (P) of each guess being right is the number of users (U), 10^7, divided by the number of combinations (C). The inverse of this is the number of guesses needed to get one right (G). Therefore the guesses divided by the hashrate (H) is the time (T) required for one correct guess. So.....
P = U ÷ C
G = 1 ÷ P = C ÷ U
T = G ÷ H
∴ Guess Time = (Combinations ÷ Users) ÷ Hashrate
If we want to make this useful in the future, we can create a general equation by substituting our calculation of combinations.
D = Dictionary Size
N = Number of words in seed
U = Users (Wallets using dictionary)
H = Hashrate (guesses per second)
Guess Time = ((D^N) / U) / H
Guess Time of One Key (in seconds) = D^N ÷ (U × H)
This general equation should be correct for all cases, if U and H can be accurately determined. Let's try this out with our examples from above to see if we are safe!
Assuming: 12 words, 10^7 users, 10^18 H/s
Dictionary Size of 1,626 will take ~1 Million Years (Time Per Correct Guess)
Dictionary Size of 4,096 will take ~10 Billion Years (Time Per Correct Guess)
Dictionary Size of 200,000 will take ~10^31 (10 thousand billion billion billion) years (Time Per Correct Guess)
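As an added example (not code from the original article), the brute-force estimate from the "Bruteforce a mnemonic phrase" section and the general Guess Time formula above, computed exactly in Python. It assumes the 12-word, 2048-word-dictionary layout in which 4 of the 132 bits are a SHA-256 checksum (the BIP39 layout), which is what makes only (2048^12)/16 word sequences valid.

```python
import hashlib

# Assumed layout of a 12-word phrase over a 2048-word dictionary (BIP39 style):
# 12 words * 11 bits = 132 bits = 128 entropy bits + 4 checksum bits.
WORDS, BITS_PER_WORD, ENT = 12, 11, 128
CS = WORDS * BITS_PER_WORD - ENT          # 4 checksum bits
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def checksum_ok(indices):
    """True if 12 word indices (0..2047) end in a valid checksum, i.e. the low
    CS bits equal the top CS bits of SHA-256 over the 128 entropy bits."""
    if len(indices) != WORDS or any(not 0 <= i < 2048 for i in indices):
        raise ValueError("need 12 indices in 0..2047")
    bits = 0
    for i in indices:
        bits = (bits << BITS_PER_WORD) | i
    checksum = bits & ((1 << CS) - 1)
    entropy = (bits >> CS).to_bytes(ENT // 8, "big")
    return checksum == hashlib.sha256(entropy).digest()[0] >> (8 - CS)

def indices_from_bits(bits):
    """Split a 132-bit integer into 12 word indices, most significant word first."""
    return [(bits >> (BITS_PER_WORD * (WORDS - 1 - k))) & 0x7FF for k in range(WORDS)]

def valid_completions(entropy):
    """For fixed 16-byte entropy, count how many of the 16 checksum values give a
    valid phrase. Always exactly 1: that is the '/16' in (2048^12)/16."""
    base = int.from_bytes(entropy, "big") << CS
    return sum(checksum_ok(indices_from_bits(base | cs)) for cs in range(1 << CS))

def valid_combinations(dictionary=2048, words=WORDS, checksum_bits=CS):
    """Number of valid phrases: D^N divided by 2^(checksum bits)."""
    return dictionary ** words // (1 << checksum_bits)

def guess_time_years(dictionary, words, users, hashrate, checksum_bits=0):
    """The article's Guess Time = (D^N / U) / H, with the checksum divisor added,
    converted to years. users=1 gives the time to try every possible phrase."""
    combos = valid_combinations(dictionary, words, checksum_bits)
    return combos / (users * hashrate) / SECONDS_PER_YEAR

if __name__ == "__main__":
    # Whole Bitcoin network (~3e19 H/s) against every valid 12-word phrase.
    print(f"{guess_time_years(2048, 12, 1, 3e19, CS):.2e} years")
    # The article's table: 12 words, 10^7 users, 10^18 H/s, no checksum.
    for d in (1626, 4096, 200_000):
        print(d, f"{guess_time_years(d, 12, 10**7, 10**18):.2e} years")
```

The checksum functions use the well-known all-zero-entropy vector (eleven times word index 0 followed by index 3) as a sanity check; the 2048-word network figure comes out at about 3.6e11 years because the article rounds the intermediate 1.1e19 seconds down to 1e19.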
Conclusion
I would say that at this point in time it is perfectly fine to use 12 seed words with a reasonably large dictionary. Remember, the above table is just for one single correct guess. We also assumed instant checking of wallets. Because the time is inversely proportional to the hashing power, we might say the time to guess will halve every year (other variables being equal), which makes total sense. At this rate, with a 1,626-word dictionary and 12 words, it will be around 40 years until 1 key can be guessed per second, or 20 years until 1 key per year. At which point you can just add a 13th word.