Hi guys,
I have some technical question regarding wallet encryption.
I'm not searching for a ready-made solution, like an existing cold wallet, i'm just curious and trying to find a way to encrypt my wallets on a custom made device.
Let's say i want to encrypt my private keys using AES 256, a traditional password (8 to 10 characters) wouldn't be enough.
Using a master key (stored in a secure element, like physical wallets actually does) + a password seems stronger.
Question:
Is there any weakness in the fact to use the same master key to encrypt several wallets ?
If someone find a copy of my encrypted wallets, would it make it easier for him to 'brute force' them ? (it's like a multi-level equation).
Or is it more advisable to change the master key for each wallet ?.. what are the limits, and how cold stuffs usually works with several wallets ?
Memorizing a 16 character password with special characters shouldn't be an impossible task, and it should be safe enough to be impossible to bruteforce without the need of a master key which you can always lose. Im not sure how key derivation would work if they find your master key and you are using it on all your passwords.
In my opinion just memorize a 16 character password with strong characters and forget about master key files. Of course practice it a million times... I didn't, and lost a couple of hard drives encrypted with Veracrypt, now I can't open them, and believe me, no one is going to ever enter again these disks, not even myself. I'll wipe them whenever I feel like it.
