Skip to content
This repository

Wallet encryption has extra 0x10 bytes on the end of keys #933

Closed
TheBlueMatt opened this Issue · 1 comment

2 participants

Matt Corallo Wladimir J. van der Laan
Matt Corallo

Found by etotheipi, likely due to this comment being wrong:
https://github.com/bitcoin/bitcoin/blob/master/src/crypter.cpp#L68
This hurts security by making it easier to brute force, but not significantly, should be easily fixable.

Pieter Wuille sipa referenced this issue from a commit
Commit has since been removed from the repository and is no longer available.
Pieter Wuille sipa referenced this issue from a commit
Commit has since been removed from the repository and is no longer available.
Pieter Wuille sipa referenced this issue from a commit in sipa/bitcoin
Pieter Wuille Use unpadded encryption for wallet keys (fixes #933)
Wallet keys are 32 bytes, exactly two AES blocks. Using padded encryption
makes attacking somewhat easier, as the attacker can check whether the
padding is correct after decrypting using an attempted passphrase, rather
than needing to do an EC multiplication to check whether the private and
public keys match.
c682cdf
Wladimir J. van der Laan laanwj closed this
Wladimir J. van der Laan
Owner

(fixed by c682cdf two years ago...)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.