|
Title: [SUGGESTION] New wallet.dat format Post by: rme on July 05, 2013, 12:15:35 PM Suggestion to Bitcoin-QT client
New wallet.dat format, featuring:
Also, this size allows to store all the addresses that you want without revealling how many you have just by looking at the size of the .dat file. (All wallets start with a 21MByte file.)
With this new format if you rename your encrypted wallet.dat file no one will know that is a Bitcoin wallet file. Also adding some extra rounds to the encryption so making bruteforcing impossible. For example if actual encryption on a average PC takes 0.001 seconds we can do 250 rounds so that takes 0.25 seconds (small time) but to a cracker it takes 250 times longer to bruteforce. Title: Re: [SUGGESTION] New wallet.dat format Post by: jackjack on July 05, 2013, 12:40:45 PM Drawbacks:
Why not 21GB?
Why does it even matter that people see it's a wallet? That's the point of the passphrase to take care of that. Title: Re: [SUGGESTION] New wallet.dat format Post by: rme on July 05, 2013, 12:42:41 PM Drawbacks:
Why not 21GB? Please tell me a example of poor connection.
Why does it even matter that people see it's a wallet? That's the point of the passphrase to take care of that. In the future maybe if your computer has a wallet.dat backup you are forced to tell the password. Answered Title: Re: [SUGGESTION] New wallet.dat format Post by: Rannasha on July 05, 2013, 01:41:05 PM Padding the wallet-file to become 21 MB (or larger) is mostly useless.
If the wallet is unencrypted (which is the target demographic for wallet-stealing trojans), then a trojan or malicious java applet can simply open the file, locate the relevant segments of data (since the structure of the wallet will be public knowledge as Bitcoin is opensource) and only transmit those. The attacker can then construct a new, padded wallet file at his leisure using the stolen data and afterwards access the funds. Title: Re: [SUGGESTION] New wallet.dat format Post by: Mahn on July 05, 2013, 02:09:09 PM Padding the wallet-file to become 21 MB (or larger) is mostly useless. If the wallet is unencrypted (which is the target demographic for wallet-stealing trojans), then a trojan or malicious java applet can simply open the file, locate the relevant segments of data (since the structure of the wallet will be public knowledge as Bitcoin is opensource) and only transmit those. The attacker can then construct a new, padded wallet file at his leisure using the stolen data and afterwards access the funds. I was about to post this. Unless you change the way private keys are generated and work, which would 1) invalidate existing private keys, and 2) make brain wallets, online generators and paper wallet generators useless, there's not much one can do to increase the file size short of padding it which wouldn't really protect it from an attacker. Title: Re: [SUGGESTION] New wallet.dat format Post by: rme on July 05, 2013, 03:57:22 PM Padding the wallet-file to become 21 MB (or larger) is mostly useless. If the wallet is unencrypted (which is the target demographic for wallet-stealing trojans), then a trojan or malicious java applet can simply open the file, locate the relevant segments of data (since the structure of the wallet will be public knowledge as Bitcoin is opensource) and only transmit those. The attacker can then construct a new, padded wallet file at his leisure using the stolen data and afterwards access the funds. I was about to post this. Unless you change the way private keys are generated and work, which would 1) invalidate existing private keys, and 2) make brain wallets, online generators and paper wallet generators useless, there's not much one can do to increase the file size short of padding it which wouldn't really protect it from an attacker. Nope, the "unencrypted default wallet" can be simply a wallet encrypted with the password "bitcoin". I mean, the java applet cannot open and locate the relevant segments of data without decrypting. So the Bitcoin-QT client by default encrypts wallet with "bitcoin" but to the user is unencrypted. If you dont setup a password the wallet is still encrypted (by a know password "bitcoin") so the client dont prompt for a password. Title: Re: [SUGGESTION] New wallet.dat format Post by: Rannasha on July 05, 2013, 04:34:46 PM Padding the wallet-file to become 21 MB (or larger) is mostly useless. If the wallet is unencrypted (which is the target demographic for wallet-stealing trojans), then a trojan or malicious java applet can simply open the file, locate the relevant segments of data (since the structure of the wallet will be public knowledge as Bitcoin is opensource) and only transmit those. The attacker can then construct a new, padded wallet file at his leisure using the stolen data and afterwards access the funds. I was about to post this. Unless you change the way private keys are generated and work, which would 1) invalidate existing private keys, and 2) make brain wallets, online generators and paper wallet generators useless, there's not much one can do to increase the file size short of padding it which wouldn't really protect it from an attacker. Nope, the "unencrypted default wallet" can be simply a wallet encrypted with the password "bitcoin". I mean, the java applet cannot open and locate the relevant segments of data without decrypting. So the Bitcoin-QT client by default encrypts wallet with "bitcoin" but to the user is unencrypted. If you dont setup a password the wallet is still encrypted (by a know password "bitcoin") so the client dont prompt for a password. 1 day after such a change goes live, malware writers will have included a function to decrypt using the default password and then try to read it. If someone isn't encrypting his wallet today, he won't bother changing the default encryption password. The only real way around this issue is to prompt users to provide an encryption password whenever Bitcoin-qt is launched with an unencrypted wallet.dat. Basically force users to use encryption. But if that's desirable is debatable. |