I managed to lose 5 words from my 24 word phrase recovery Ledger Nano S. I have the words 1-19 but I miss words 20-24. I have significant holdings in the wallet, so I would very much like to get it back if possible. The passphrase is a BIP39 mnemonic (see https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki). I have the bitcoin and ethereum public addresses for this mnemonic. I wonder if it is possible to brutally force the password.
Each word is 11 bits (2 ^ 11 = 2048 possible words). The last word (24th) of the passphrase is of the following form [3 random bits][8 bit checksum]. Therefore, I only have to check 2 ^ (55 – 8) = 2 ^ 47 = 1,4×10 ^ 14 combinations. I should compute SHA-512-HMAC with an iteration count of 2048. As far as I know, this means that I should calculate 1.4 * 10 ^ 14 * 2048 = 2.87 * 10 ^ 17 hashes in total .
Is there material designed for this? I know ASICs that compute sha-256 hashes but not sha-512 hashes. I could perhaps modify one to work with sha-512 because they are very similar.
Assuming that a fairly typical ASIC is 1TH / s (10 ^ 12 hashes per second), I could exhaust the search space in 2.87 * 10 ^ 5 = 287,000 seconds = 3.3 days. I would probably get there sooner, of course (waited 1.65 days). I do not worry about the weather. Even if I have to wait for months, it does not bother me – so if I can get 10GH / s at a reasonable price, that would be great.
I would really appreciate any help / information you could provide to help me and ensure that I have not missed anything. I could also use GPUs for this (I calculate that I can use them at about 1 / 10TH $ – so it would cost me $ 28.7K to exhaust the search space, which I will do again. there are no cheaper options).
Thank you very much, James