Why 12 Words Is All You Need
The Mathematics of Unbreakable Encryption
1. The Problem With Passwords
In 2024, the average person manages 168 passwords. 65% reuse passwords across services. Over 15 billion credentials have been exposed in data breaches, available on the dark web for less than $10 per account.[1]
A typical 8-character password chosen by a human contains approximately 30-40 bits of entropy. At current GPU cracking speeds of ~100 billion attempts per second (RTX 4090 × 8 rig), such a password falls in under 10 seconds.[2]
More critically: passwords require the server to know the secret. Every password you type is transmitted to a remote server, compared against a stored hash, and validated. If that server is compromised — and 1,802 US data compromises occurred in 2023 alone[3] — your content is exposed. The server model is fundamentally broken for anything you want to keep private.
NIST Special Publication 800-63B explicitly recommends against password-only authentication and advises moving toward phishing-resistant, cryptographic methods.[4]A seed phrase is exactly that.
2. What Is A Seed Phrase?
A seed phrase is 12 (or 24) common English words drawn from a standardized list of 2,048 words, defined by BIP39 — Bitcoin Improvement Proposal 39.[5] This standard has secured over $100 billion in Bitcoin since 2013. It has been subjected to 10+ years of continuous, high-stakes cryptographic review by the world's best security researchers. It has never been broken.
These 12 words are mathematically transformed into a 256-bit encryption key through PBKDF2-HMAC-SHA512 with 2,048 rounds.[6] The 2,048-word list was designed for maximum human error resistance: no visually similar words, no homophones, every word uniquely identifiable by its first 4 letters.
The 12th word contains a built-in checksum. Mistype any word and the browser immediately tells you — the error is caught before any decryption is attempted.
3. The Math: From Words To Key
AES-256-GCM provides authenticated encryption — the ciphertext is not only encrypted, but verifiably untampered. Any modification to the encrypted file is detected and rejected.[7]This is the same algorithm approved by the NSA for TOP SECRET classified information.[8]
Encryption overhead: just 28 bytes (12-byte nonce + 16-byte auth tag). A 10,000-word essay grows by approximately 0.05%.
4. Why It Cannot Be Broken
This is not a debatable claim. It is a mathematical certainty bounded by physics.
| Key type | Entropy | Combinations | Crack time (10¹² tries/s) |
|---|---|---|---|
| 4-digit PIN | 13 bits | 10,000 | Instant |
| 8-char password | ~35 bits | ~3.4×10¹⁰ | 0.03 seconds |
| 16-char random | ~95 bits | ~6.3×10²⁸ | ~2 billion years |
| 12-word BIP39 | 128 bits | 3.4×10³⁸ | 1.08×10¹⁹ years |
| 24-word BIP39 | 256 bits | 1.16×10⁷⁷ | 3.67×10⁵⁷ years |
For comparison: the age of the universe is 1.38×10¹⁰ years.
The crack time assumes 1 trillion attempts per second — roughly the entire Bitcoin network's hash rate (~700 EH/s). Even if you turned every atom on Earth into a perfect computer operating at the Landauer limit (the theoretical minimum energy per computation)[9], brute-forcing 128 bits would consume more energy than the Sun outputs in a year.
This is a physics problem. No advances in AI, quantum computing, or any future technology can reduce the search space of a properly random key. AES-256 is quantum-resistant — Grover's algorithm can at best halve the effective key length to 128 bits, which remains unbreakable.[10]
Bottom line: A 12-word BIP39 seed phrase is harder to crack than the universe is old, by a factor of ~780 million. A 24-word phrase is harder by a factor of ~2.6×10⁴⁷ — a number with 48 digits.
5. Zero-Knowledge Architecture
The critical property is not just the encryption — it's where the encryption happens.
This is called zero-knowledge. The hosting provider sees only files that appear to be random data. Even if compelled by a court order, they cannot decrypt your content. The key exists only in the memory of the person who knows the 12 words.
No login form. No username. No email. No password reset. No API. No database of credentials. The 12 words are the access. No gate to breach.
6. Etched Into Time
A website expires. A domain lapses. A server shuts down. The vault survives:
Citations
- Have I Been Pwned. Pwned Passwords. Troy Hunt, 2024.
- Hashcat. GPU Benchmark Results: NTLM on RTX 4090. hashcat.net, 2024.
- Identity Theft Resource Center. 2023 Data Breach Report. ITRC, January 2024.
- NIST. SP 800-63B: Digital Identity Guidelines. NIST, 2017.
- Palatinus, M., Rusnak, P. BIP-0039: Mnemonic code for generating deterministic keys. Bitcoin Improvement Proposals, 2013.
- NIST. SP 800-132: Recommendation for Password-Based Key Derivation. NIST, 2010.
- NIST. FIPS 197: Advanced Encryption Standard (AES). NIST, 2001; updated 2023.
- NSA. Suite B Cryptography. NSA, 2005. Superseded by CNSA Suite 2.0 (2022) which continues to mandate AES-256.
- Landauer, R. Irreversibility and Heat Generation in the Computing Process. IBM Journal, 1961.
- NIST. NIST IR 8413: Post-Quantum Cryptography Standardization. NIST, 2022. Grover's algorithm reduces AES-256 to 128 bits, still infeasible.
- Benet, J. IPFS — Content Addressed, Versioned, P2P File System. Protocol Labs, 2014.
- Todd, P. OpenTimestamps. 2016.
Dycerism v1.0 · Enter the Vault