Author

Topic: SHA256 password hashing? (Read 607 times)

newbie
Activity: 5
Merit: 0
May 10, 2014, 08:21:12 AM
#4
Thank you for the quick replies. I figured that the wallet encryption process wasn't as simple as hashing the password but I just didn't actually know how it actually worked.
Are there any links or documentation on wallet encryption I can look into?
legendary
Activity: 2058
Merit: 1452
May 09, 2014, 09:22:27 PM
#3
the post in question talks about password hashing, as in comparing the entered password to a stored hash for authentication. bitcoin does not work this way. instead, it uses a key stretching function described in gmaxwell's post above to derive the AES decryption key.
staff
Activity: 4284
Merit: 8808
May 09, 2014, 08:41:19 PM
#2
Bitcoin core wallet encryption uses a salted KDF and 100ms (on your computer) worth of SHA512, with a hard minimum of 25,000 iterations (though on normal computers its well in excess of 100k iterations). There is only so much you can do for a really bad key, but Bitcoin core does the prudent thing and makes very fast searches infeasible.
newbie
Activity: 5
Merit: 0
May 09, 2014, 06:27:40 PM
#1
Someone used this as a counter argument to Bitcoins security on encrypted wallets.

http://forums.udacity.com/questions/6016855/hashing-passwords-using-sha256-is-not-enough-today

How does this apply to bitcoin (besides using ASICs for hashing) and does his argument hold any merit? I'm ignorant as to how Bitcoin Core encrypts wallets to prevent unauthorized usage so can someone please enlighten me?
Jump to: