diff options
| author | Mironenko <mironenko@rutoken.ru> | 2021-12-07 19:55:07 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-07 19:55:07 +0300 |
| commit | d07e499d3f0768158b096ce30a07233fc665e5d3 (patch) | |
| tree | 443373fe32f9c5c8e6cb1d18084120ad645b49f7 /bip-0032.mediawiki | |
| parent | edffe529056f6dfd33d8f716fb871467c3c09263 (diff) | |
Fix typo in BIP-32
Diffstat (limited to 'bip-0032.mediawiki')
| -rw-r--r-- | bip-0032.mediawiki | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bip-0032.mediawiki b/bip-0032.mediawiki index 7a4ae84..663e999 100644 --- a/bip-0032.mediawiki +++ b/bip-0032.mediawiki @@ -201,7 +201,7 @@ In addition to the expectations from the EC public-key cryptography itself: the intended security properties of this standard are: * Given a child extended private key (k<sub>i</sub>,c<sub>i</sub>) and the integer i, an attacker cannot find the parent private key k<sub>par</sub> more efficiently than a 2<sup>256</sup> brute force of HMAC-SHA512. * Given any number (2 ≤ N ≤ 2<sup>32</sup>-1) of (index, extended private key) tuples (i<sub>j</sub>,(k<sub>i<sub>j</sub></sub>,c<sub>i<sub>j</sub></sub>)), with distinct i<sub>j</sub>'s, determining whether they are derived from a common parent extended private key (i.e., whether there exists a (k<sub>par</sub>,c<sub>par</sub>) such that for each j in (0..N-1) CKDpriv((k<sub>par</sub>,c<sub>par</sub>),i<sub>j</sub>)=(k<sub>i<sub>j</sub></sub>,c<sub>i<sub>j</sub></sub>)), cannot be done more efficiently than a 2<sup>256</sup> brute force of HMAC-SHA512. -Note however that the following properties does not exist: +Note however that the following properties do not exist: * Given a parent extended public key (K<sub>par</sub>,c<sub>par</sub>) and a child public key (K<sub>i</sub>), it is hard to find i. * Given a parent extended public key (K<sub>par</sub>,c<sub>par</sub>) and a non-hardened child private key (k<sub>i</sub>), it is hard to find k<sub>par</sub>. |