Bitcoin Forum

Bitcoin => Bitcoin Technical Support => Topic started by: pf on July 14, 2015, 08:40:38 PM



Title: Which is safer from brute force attacks, wallet.dat or BIP38 encrypted key?
Post by: pf on July 14, 2015, 08:40:38 PM
Two ways:

1. Encrypt my wallet.dat in Bitcoin Core, generate a new address, and just keep the address there.

2. BIP38 encrypt the private key with the same password.

Which of the two - encrypted wallet.dat or BIP38 - keeps the private key in question safer against brute force attacks (password guesses)?

I suspect it's BIP38 since it uses scrypt (correct me if I'm wrong). In this case, are there plans to make Bitcoin Core use scrypt - to make it as safe against brute force as BIP38? I would kind of prefer just sticking to Bitcoin Core. Using an external tool to BIP38 encrypt is tedious.


Title: Re: Which is safer from brute force attacks, wallet.dat or BIP38 encrypted key?
Post by: achow101 on July 14, 2015, 09:14:59 PM
I think they are probably equally safe. The wallet uses SHA512 and openssl to derive a key from your password before doing AES256 using the derived key. BIP38 on the other hand uses Scrypt to derive the key before encrypting with AES256 with the key. I think they both work just as well but BIP38 might be a little safer since scrypt is specially designed for key derivation and is designed to be slow.


Title: Re: Which is safer from brute force attacks, wallet.dat or BIP38 encrypted key?
Post by: Xialla on July 14, 2015, 09:30:06 PM
if you will establish password, which is strong and long enough and it is not stored in any digital form and just printed, both methods are very secure and theoretically impossible to hack using current HW and possibilities.

for basic overview, how long it will take just visit https://www.grc.com/haystack.htm and try equivalent of your password, it may improve your sleep comfort as well:)