|
Title: Why MD5 on mulitbit classic? Post by: f___o on May 20, 2016, 01:00:42 PM Hello,
I hope this is a good place to ask this question. I do security research on some bitcoin wallets. Among them multibit classic and HD. I was wondering why MD5 was used for key stretching in classic. Also, why was/is a fixed number of rounds used? Classic uses 1024 rounds of MD5. HD uses Scrypt with an N value of 16384 and some more bitcoin specific things. "I just felt like it" is a perfectly fine answer. Title: Re: Why MD5 on mulitbit classic? Post by: jim6181 on May 23, 2016, 01:04:19 PM For Classic the default bitcoinj key derivation was used.
For HD we switched to Scrypt because we thought the algorithm was superior, and 16,384 rounds was the version used in the Scrypt description paper so we thought it was OK to use. There are various different salts used in HD so that the same wallet words used for different wallet types (Trezor wallet, soft wallet) would not collide. Title: Re: Why MD5 on mulitbit classic? Post by: f___o on May 25, 2016, 08:32:24 AM For Classic the default bitcoinj key derivation was used. For HD we switched to Scrypt because we thought the algorithm was superior, and 16,384 rounds was the version used in the Scrypt description paper so we thought it was OK to use. There are various different salts used in HD so that the same wallet words used for different wallet types (Trezor walet, soft wallet) would not collide. Thanks, that was helpful. I was surprised that not more wallets use scrypt. Bitcoin-core has some code in place to deploy scrypt in the future though. |