6
Can someone explain how secure the deterministic wallet implementations of Electrum and Armory are? As far as I know, Electrum uses a 128-bit seed to generate all the addresses. I don't get this because since even a single bitcoin address consists of 256-bits. why not make this seed something much larger? And electrum uses something called "root key" and "chain code" which I can't find any explanations about.
Any ideas on how secure these implementations are?
2
It is secure.
128-bit seed is at this time very secure. It is lower than a regular bitcoin address which is actually RIPMED-160(SHA-256), giving it 160 bits of entropy.
Brute forcing a 128 bits of entropy at this time would take around 1,440,000,000 years if every computer ever made was working on this single problem.
Like most of these algorithms brute forcing is not the issue. Side channel attacks are usually the danger or if an error is found in the implementation, which none have been yet.
1As secure as the master key, no major faults have been found in these implementations yet. – John T – 2014-01-26T22:25:43.433