Skip to content

Wallet encryption has extra 0x10 bytes on the end of keys #933

TheBlueMatt opened this Issue Mar 12, 2012 · 1 comment

2 participants


Found by etotheipi, likely due to this comment being wrong:
This hurts security by making it easier to brute force, but not significantly, should be easily fixable.

@sipa sipa added a commit to sipa/bitcoin that referenced this issue Mar 19, 2012
@sipa sipa Use unpadded encryption for wallet keys (fixes #933)
Wallet keys are 32 bytes, exactly two AES blocks. Using padded encryption
makes attacking somewhat easier, as the attacker can check whether the
padding is correct after decrypting using an attempted passphrase, rather
than needing to do an EC multiplication to check whether the private and
public keys match.
@laanwj laanwj closed this Dec 23, 2013
Bitcoin member
laanwj commented Dec 23, 2013

(fixed by c682cdf two years ago...)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.