Open qdhj opened 11 months ago
Session Desktop currently only generates 13-word mnemonics for users. However, my understanding is Session Desktop accepts any mnemonic of 12+1, 15+1, 18+1, 21+1 or 24+1 words in length. The first 12, 15, 18, 21 or 24 words are the cryptographic material, and the last word is a check word that is chosen (by calculation) from one of the mnemonic's words. Given there are 1626 words in the wordlist, each 3 words has entropy 32 bits (although not exactly), therefore a 13-word mnemonic has 128 bits entropy, and a 25-word mnemonic has 256 bits (the check word has no entropy).
Do you know of any argument that supports that a 128-bit Session seed is vulnerable now or in the future? I guess quantum computing might be a major reason, but I'd be happy to hear of other compelling reasons to increase the Session seed length.
If you immediately want a Session mnemonic longer than 12+1 words, you can do this. Create two new Session mnemonics, discard the check word from each mnemonic, concatenate the two shorter mnemonics together, then figure out (by calculation or by trial and error) which of the 24 words is the correct 25th check word.
I'd also be happy to see a discussion of pros vs cons of supporting generation of longer seeds/mnemonics.
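The entropy arithmetic and the "figure out the 25th check word" procedure from the post above, as an added worked example (not code from the Session project or from the issue author). It assumes the Monero-derived checksum rule commonly attributed to this mnemonic format: CRC32 over the first three letters of each word, reduced modulo the word count, selects which existing word is repeated as the check word. That rule and the sample words are assumptions for illustration; the real 1626-word list is not embedded here, only its size from the post is used.

```python
import math
import zlib

WORDLIST_SIZE = 1626  # size of the wordlist, as stated in the issue
PREFIX_LEN = 3        # assumption: checksum is computed over 3-letter word prefixes
VALID_LENGTHS = (13, 16, 19, 22, 25)  # 12+1, 15+1, 18+1, 21+1, 24+1 words


def entropy_bits(n_material_words):
    """Entropy of n words drawn uniformly from the wordlist (check word excluded).
    1626 is not a power of two, so 12 words give ~128.0 bits, not exactly 128."""
    return n_material_words * math.log2(WORDLIST_SIZE)


def check_word(words):
    """Assumed rule: CRC32 of the concatenated 3-letter prefixes, modulo the
    number of words, indexes which of the words is repeated as the check word."""
    prefixes = "".join(w[:PREFIX_LEN] for w in words)
    idx = zlib.crc32(prefixes.encode("utf-8")) % len(words)
    return words[idx]


def is_valid(mnemonic):
    """True if the mnemonic has a supported length and its last word is the
    correct check word for the preceding words."""
    words = mnemonic.lower().split()
    if len(words) not in VALID_LENGTHS:
        return False
    return check_word(words[:-1]) == words[-1]


def join_mnemonics(mnemonic_a, mnemonic_b):
    """The procedure from the issue: drop each check word, concatenate the
    remaining material words, then append the check word for the longer body."""
    body = mnemonic_a.split()[:-1] + mnemonic_b.split()[:-1]
    return " ".join(body + [check_word(body)])


def find_check_word_by_trial(body_words):
    """The trial-and-error variant: because the check word is always one of the
    body words, try each body word as the last word until validation succeeds."""
    for candidate in body_words:
        if is_valid(" ".join(body_words + [candidate])):
            return candidate
    return None


# Constructed sample material words (NOT from the real wordlist; illustrative only).
_A_BODY = ("alpha bravo charlie delta echo foxtrot golf hotel india "
           "juliet kilo lima").split()
_B_BODY = ("mike november oscar papa quebec romeo sierra tango uniform "
           "victor whiskey xray").split()
SAMPLE_A = " ".join(_A_BODY + [check_word(_A_BODY)])  # 13 words
SAMPLE_B = " ".join(_B_BODY + [check_word(_B_BODY)])  # 13 words


def demo():
    """Returns the values a reader would want to inspect."""
    combined = join_mnemonics(SAMPLE_A, SAMPLE_B)
    body = combined.split()[:-1]
    return {
        "bits_13_word": entropy_bits(12),
        "bits_25_word": entropy_bits(24),
        "combined_length": len(combined.split()),
        "combined_valid": is_valid(combined),
        "trial_check_word": find_check_word_by_trial(body),
        "computed_check_word": check_word(body),
        "tampered_valid": is_valid(" ".join(body[::-1] + [combined.split()[-1]])),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The check word catches word-order and single-word mistakes when restoring a seed, but it adds no entropy: it is fully determined by the other words, which is why 13 words yield about 128 bits and 25 words about 256 bits, as the post says.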
In my mind...
The 12-word mnemonic phrases, while widely used (and considered secure), are going to be definitely more vulnerable to quantum computing — a small world that's taking off, with the potential to break certain cryptographic algorithms, including those used in cryptocurrency wallets.
There is already some development in this area. For instance, Shor's algorithm, with sufficient compute power, can be used to efficiently solve certain mathematical problems. Still, a long shot, but quite possible.
Personally, I haven't read anywhere there is evidence this has happened, but if it's not too complex, why not upgrade? The same argument could be made on the opposite direction on using a lower number that provides sufficient protection.
Another important point in this subject is that, while the mnemonic phrase length plays an important role, exploring also quantum-resistant cryptographic schemes that involve the use of different algorithms is also important, and probably necessary in many products — albeit not possible in all situations.
Tracked internally via SES-2277
Is there an existing request for feature?
What feature would you like?
The generated key is based on a 13-word seed; there is no option to increase it?
Anything else?
No response