Author

Topic: could somebody derive private key from BIP38 encrypted one without pass phrase? (Read 698 times)

legendary
Activity: 1512
Merit: 1036
ELI5
Imagine putting your toys in a box. Then you put a lock on the toy box. Only you know the combination to unlock the box. You need to remember the combination in your head, because if you write it down, one of your enemies might find the combination and steal your toys.

If you want to give a toy to one of your friends, you will need to use the combination to unlock the box. Once you open the lock, it's not as safe to put the toys back in the box and lock it again. Someone could have seen you enter the combination. The lock might not be designed well, and after you unlock it once, it's easier for someone else to unlock it again. You should put the remaining toys in a new box with a new combination.

End of ELI5.

BIP38 uses robust, slow, and difficult to brute-force encryption. It does allow users to put in their own password though, and users can make bad decisions. It doesn't prevent you from putting "password" as your password, or trivially short passwords that would be found quickly.
hero member
Activity: 756
Merit: 502
could somebody derive private key from BIP38 encrypted one without pass phrase?

if somebody develops a method to do like that, it is really scary..

ELI5 how does bip38 works and how secure it is?
Jump to: