@@ -58,7 +58,7 @@ For checksum we use lower 16-bits of CRC32 algorithm. We don't use CRC16, becaus
When enough M secrets are provided the master secret is reconstructed. To allow an additional protection of the final seed using a passphrase we suggest a following scenario. The passphrase is hashed using PBKDF2, which servers as a key to an AES encryption. The result of this encryption is the final seed to be used. If no passphrase is provided the passphrase is set to an empty string.
This mechanism is intentionally symmetric to allow reconstructing the master secret from the seed in case the passphrase is known.
