Author: Thomas Voegtlin 2014-03-27 13:49:32
Published on: 2014-03-27T13:49:32+00:00
Mike Hearn, in a post dated March 27th, 2014, questions the decision to use a 256-bit entropy size in BIP32, suggesting that 128 bits should be sufficient. This is because 2^128 iterations are not currently brute forcible and will not be so in the foreseeable future. He explains that an EC pubkey of length n can be forced in approximately 2^(n/2) iterations, meaning that Bitcoin pubkeys, being 256 bits, would require 2^128 iterations. As a result, unused addresses (160-bit hash) are considered better protected than used ones. However, people tend to believe that a public key of size n requires 2^n iterations, which may have been spread by this popular image: https://bitcointalk.org/index.php?topic=508880.msg5616146#msg5616146.
Updated on: 2023-06-08T16:09:37.167492+00:00