Are electrum's private keys 512 bits or 256 bits long?

0

I have recently been going through the python source code for electrum and encountered the following lines of code at the mneumonic.py file starting from line 130:

def mnemonic_to_seed(self, mnemonic, passphrase):
        PBKDF2_ROUNDS = 2048
        mnemonic = normalize_text(mnemonic)
        passphrase = normalize_text(passphrase)
        return pbkdf2.PBKDF2(mnemonic, 'electrum' + passphrase, iterations = 
              PBKDF2_ROUNDS, macmodule = hmac, digestmodule = 
               hashlib.sha512).read(64)

We see clearly that it returns a 64 bytes or 512 bit seed instead of what we all know a bitcoin priv key should be - 256 bits. Is this the final function to be called for priv key generation or are there steps or functions that I missed?

Henok Yemane

Posted 2018-02-06T09:21:56.853

Reputation: 1

The seed phrase created by Electrum has 132 bits of entropy. This means that it provides the same level of security as a Bitcoin private key (of length 256 bits). Indeed, an elliptic curve key of length n provides n/2 bits of security.Adam 2018-02-06T10:04:56.733

Answers

1

Is this the final function to be called for priv key generation or are there steps or functions that I missed?

You are missing a lot of steps.

The seed value is 512 bits because more bits is more secure, and BIP 32 specifies that a seed value between 128 and 512 bits should be used. It does not matter what the length of the seed value is because it will get hashed anyways and the result is 512 bits.

BIP 32 uses 512 bits because the value is split in half for two 256 bit values. One of those is the private key, the other is the chaincode.

Andrew Chow

Posted 2018-02-06T09:21:56.853

Reputation: 40 910

1

That's the key stretching function that adds a little bit of entropy to the seed. The mnemonic goes through that function and then the output of that goes through bip32_root() which runs it through sha512 again. BIP32 kinda requires 512 bits so that there are enough bits for the chain code and master private key.

Anyway the electrum seed is 135 bits effectively.

Abdussamad

Posted 2018-02-06T09:21:56.853

Reputation: 1 850

Asked: 2018-02-06T09:21:56.853

Viewed: 217 times

Active: 2018-04-15T01:33:00.240