Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Electrum
Re: [ANNOUNCE] Electrum - a new thin client
by
Michael_S
on 18/07/2012, 23:57:10 UTC
Quote from: austonst on July 18, 2012, 11:40:53 PM
Quote from: Michael_S on July 18, 2012, 11:03:51 PM
Quote from: vuce on July 17, 2012, 08:58:30 PM
Quote from: Michael_S on July 17, 2012, 08:48:02 PM
But as long as there is no mathematical proof that such attack is impossible, I do not feel entirely comfortable with deterministic keys
You might have bigger problems then since ecdsa is also only assumed to be secure.
Why? My private keys are not sent to the server. so if the Electurm server turns out insecure, still nobody can steal my keys.
I think he's referring to Elliptic Curve Digital Signature Algorithm, not the Electrum server at ecdsa.org. Bitcoin keypairs, including deterministic keys, are created with ECDSA. Like most public key cryptosystems, it is never impossible to carry out an attack; it is only extremely impractical. That's (probably) why vuce is saying ECDSA is only assumed to be secure. If you need complete mathematical certainty of impossibility, there's bigger problems than just deterministic wallets.
Oh, I see, thanks! So my approach would be to minimize (not to completely eliminate, since this is not possible) the number of *potentially* vulnerable points that could be attacked in the future. And when using deterministic keys I add one more *potentially* weak point that could be the target of a future attack. So, avoiding deterministic keys (for larger amounts of BTC savings) means being potentially more secure (and for sure not less secure), although I am never guaranteed 100% security.