Does the additional passphrase (25th word in the seed) really make the Ledger more secure?

    • #3190497
      root_s2yse8vt
      Administrator

      I have always heard that adding proprietary things to an already tried and tested cryptographic technology usually worsens security because of unforeseeable consequences. Is the 25th security word feature something that Ledger added, and are there studies showing that adding this word makes the Ledger more secure?

    • #3190498
      loupiote2
      Guest

      A bip39 passphrase is not proprietary, it is part of the BIP39 standard and supported by most hardware and software wallets.

      It increases security in the sense that knowing the 24-word seed phrase is not sufficient to access your account. The bip39 passphrase is needed.

      It also mitigates a security vulnerability that could exist if the random number generator used to generate the 24-word seed phrase had a bug causing entropy lower than 256 bits.

      I suggest you do more research on this topic, there is a lot of information available on the web.

    • #3190499
      Knurlinger
      Guest

      It’s not proprietary.

      It’s a second level of defense in case you leak your seed accidentally or need some decoy, and it is a BIP standard.

    • #3190500
      Tralx
      Guest

      Maybe, or maybe not. In general yes, because it adds an additional layer of encryption over the standard 24 words of key contained in ledger. Anyway, specifically to ledger, it is not open source firmware, so you can’t trust it that it doesn’t keep the 25th word inside too in some kind of cache to make it leak in any moment.

    • #3190501
      Yavuz_Selim
      Guest

      The 24 words are selected from a list of 2048 words. So, your 24 words are already known, but to bruteforce it in the correct order takes so long (with current computing power) that it is currently safe. Or somebody has to be almost impossibly lucky (it’s still non-zero).

      Adding a 25th word that can be anything – especially something that’s not in any dictionary – makes it so much safer. It would even require more computing power to bruteforce an unknown word that can be up to 100 characters on top of the 24 words.

      The biggest upside of the 25th word is that its usage state is unknown, as it’s only known by you. If you don’t mention it, it does not exist.

      Use that to your advantage by storing almost all funds on the 25th word, and only a small amount on the 24 words. Now, in a worst case scenario (baseball bat next to your head or at gun point), you can share the recovery phrase (24 words) instead of denying it and angering the aggressor. You only lose a small amount.

      The 25th word is also handy with a service like Recover. In worst case, if your recovery phrase somehow is discovered by others, you again only lose what’s on the 24 words.

    • #3190502
      Curious_Breadfruit88
      Guest

      Yes, only issue is if you haven’t written it down anywhere if you get into a car accident and get amnesia then see you later to all your money

    • #3190503
      UpLeftUp
      Guest

      Yes it definitely does.

      100%.

      The first 24 words are stored in the device. And can be exposed by the device. The 25th isn’t/can’t.

      Even if it’s not a really secure word, it still has a huge impact on security. But obviously a secure word is even better.

    • #3190504
      IceCreamMonomaniac
      Guest

      The way I understand its function, it’s not so much about a security layer but to use it as a decoy.

      Here’s a basic implementation scenario.

      Keep some funds on your account that you have access to with the 24-word seed.
      Worst case scenario: imagine someone knows you have crypto and forces you to hand over your seed phrase. You give it and they’ll have access to the low-funds accounts.

      Then you have your 25-word seed, where you keep your well-funded accounts.

      Be as creative as you wish.

      Or have multiple Ledgers.

      You are your own bank, so deal with the risk wisely.

    • #3190505
      thotgroper
      Guest

      There’s an infinitely small chance that when someone sets up their new ledger wallet, it creates them the same wallet that you already have money stored in.

      Using a passphrase eliminates that possibility.

      Just for the peace of mind if you’re insanely paranoid like me lol.

    • #3190506
      crypt0kiddie
      Guest
    • #3190507
      toozic
      Guest

      wow, I’m surprised that many people are saying that 25 words increases “encryption”. This is a common misconception, in fact even 24 vs 12 words does not increase “security” on the protocol level (unless you know all the words but not their order, then yes, 24 words will save you). It may be counter-intuitive, but it does, more on that here:

      [https://foundationdevices.com/2023/06/make-12-words-the-standard/](https://foundationdevices.com/2023/06/make-12-words-the-standard/)
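
Added example, not part of any post in this thread and not Ledger's code: the BIP39 seed derivation that the replies about the "25th word" and the decoy wallet rely on, plus the word-count-to-entropy arithmetic behind the 12 vs 24 words discussion. It uses the public BIP39 test mnemonic (all-zero entropy), and the function names are chosen for this illustration.

```python
import hashlib
import hmac
import unicodedata

# Public BIP39 test mnemonic (all-zero entropy); never use it for real funds.
MNEMONIC = "abandon " * 11 + "about"


def _nfkd(text: str) -> bytes:
    """BIP39 requires NFKD normalization before UTF-8 encoding."""
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase."""
    salt = b"mnemonic" + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(mnemonic), salt, 2048, dklen=64)


def bip32_master(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32 master private key and chain code derived from the 64-byte seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def mnemonic_entropy_bits(word_count: int) -> int:
    """11 bits per word (2048-word list), minus 1 checksum bit per 32 entropy bits."""
    total = word_count * 11
    return total - total // 33


def demo() -> dict[str, str]:
    """Master-key prefix per passphrase: every passphrase opens a separate wallet."""
    out = {}
    # No passphrase is "wrong": a typo or case change silently yields another,
    # empty wallet, so the passphrase needs its own backup.
    for label, passphrase in [("none", ""), ("TREZOR", "TREZOR"), ("trezor", "trezor")]:
        key, _chain_code = bip32_master(bip39_seed(MNEMONIC, passphrase))
        out[label] = key.hex()[:16]
    return out


if __name__ == "__main__":
    for label, prefix in demo().items():
        print(f"passphrase {label:>6}: master key {prefix}...")
    for words in (12, 24):
        print(f"{words} words = {mnemonic_entropy_bits(words)} bits of entropy")
```

The passphrase enters only as PBKDF2 salt, so the seed words alone derive the passphrase-less wallet and nothing else.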
