CryptKeeper
Legendary
 Offline
Activity: 2044
Merit: 1055
|
 |
March 15, 2014, 07:35:06 AM |
|
Please consider using multiple rounds of AES256 encryption for the wallet (bitcoin-qt style) until you meet a given time,
You mean multiple rounds of password hashing to generate the AES key http://en.wikipedia.org/wiki/PBKDF2Repeatedly doing AES does nothing, as AES is designed to be fast and it is implemented at hardware, like in Intel CPUs No, I actually thought of AES256-CBC: Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). https://en.bitcoin.it/wiki/Wallet_encryption |
Follow me on twitter! I'm a private Bitcoin and altcoin hodler. Giving away crypto for free on my Twitter feed!
|
|
|
|
burningzoul
|
|
March 15, 2014, 08:32:18 AM |
|
+1 waiting for mining phase good luck!
|
|
|
|
|
|
Eadeqa
|
|
March 15, 2014, 09:30:41 AM
Last edit: March 15, 2014, 09:47:43 AM by Eadeqa |
|
No, I actually thought of AES256-CBC: Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). https://en.bitcoin.it/wiki/Wallet_encryptionExactly what I said. AES is encryption. It's not applied "repeatedly". The password is HASHED repeatedly (in this case with SHA512) PBKDF2 does exactly the same thing http://en.wikipedia.org/wiki/PBKDF2The encryption can still be AES with PBKDF2 So it works like this. User's password = password Hash the password, lets say 100,000 times to slow brute force. 100,000 times: password = Hash (password) .. Use the end result of that 100K hashes to encrypt with AES |
|
|
|
CryptKeeper
Legendary
Offline
Activity: 2044
Merit: 1055
|
|
March 15, 2014, 02:18:02 PM |
|
No, I actually thought of AES256-CBC: Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). https://en.bitcoin.it/wiki/Wallet_encryptionExactly what I said. AES is encryption. It's not applied "repeatedly". The password is HASHED repeatedly (in this case with SHA512) PBKDF2 does exactly the same thing http://en.wikipedia.org/wiki/PBKDF2The encryption can still be AES with PBKDF2 So it works like this. User's password = password Hash the password, lets say 100,000 times to slow brute force. 100,000 times: password = Hash (password) .. Use the end result of that 100K hashes to encrypt with AES You are right, that is exactly what should be done. Thanks for straightening this out! Your turn, eXo_coin...  |
Follow me on twitter! I'm a private Bitcoin and altcoin hodler. Giving away crypto for free on my Twitter feed!
|
|
|
Ziggy
Member
Offline
Activity: 85
Merit: 10
|
|
March 15, 2014, 08:23:12 PM |
|
missed the 1st stage,waitng for 2nd...
|
|
|
|
|
ComPared
Member
Offline
Activity: 68
Merit: 10
|
|
March 15, 2014, 08:26:40 PM |
|
Look great. waiting for the 2nd round ipo
|
|
|
|
|
zrunfeng
|
|
March 16, 2014, 02:29:08 AM |
|
i like this ,i want to join
|
|
|
|
|
cnaiguozhe
Newbie
Offline
Activity: 10
Merit: 0
|
|
March 16, 2014, 08:11:34 AM |
|
1.5BTC send to 1CdK3k3kgyn8rhhUihcF1ZpFmwmzFLai6Y transaction ID (TXID): abccfb0b11aeebbd39b02267b22c3c77e4354f8106140cd3d99a7536b6ecbe2a email address: cnaiguozhe@126.comusername: cnaiguozhe Thanks! This is my investment , why not invest hosting my list Thank you Investment in escrow did not find me Thank you |
|
|
|
|
allwelder
Legendary
Offline
Activity: 1512
Merit: 1004
|
|
March 16, 2014, 10:53:21 AM |
|
any updated info ?
|
|
|
|
|
hala
|
|
March 16, 2014, 03:09:09 PM |
|
1.5BTC send to 1CdK3k3kgyn8rhhUihcF1ZpFmwmzFLai6Y transaction ID (TXID): abccfb0b11aeebbd39b02267b22c3c77e4354f8106140cd3d99a7536b6ecbe2a email address: cnaiguozhe@126.comusername: cnaiguozhe Thanks! This is my investment , why not invest hosting my list Thank you Investment in escrow did not find me Thank you If you investment use escrow service, the best way is PM Anon136, so he can response you quickly. If you investment directly , its ok if you get confirmation from eXo_coin. Anyway , the best way for communication is PM the author directly. |
|
|
|
|
|
|
|
hala
|
|
March 17, 2014, 05:08:05 AM
Last edit: March 17, 2014, 05:30:55 AM by hala |
|
The UI seems a little like pirate , especially the "X" . I dont like it |
|
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
March 17, 2014, 05:10:09 AM |
|
1.5BTC send to 1CdK3k3kgyn8rhhUihcF1ZpFmwmzFLai6Y transaction ID (TXID): abccfb0b11aeebbd39b02267b22c3c77e4354f8106140cd3d99a7536b6ecbe2a email address: cnaiguozhe@126.comusername: cnaiguozhe Thanks! This is my investment , why not invest hosting my list Thank you Investment in escrow did not find me Thank you uh oh did i make a mistake? pm me so we can get it sorted out. |
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited? |
|
|
|
NWO
|
|
March 17, 2014, 05:19:55 AM |
|
We should help the devs out by getting a logo competition rolling.
Is there any news on second round funding or time frames for the actual coin release?
|
|
|
|
|
|
hala
|
|
March 17, 2014, 05:56:20 AM |
|
We should help the devs out by getting a logo competition rolling.
Is there any news on second round funding or time frames for the actual coin release?
U can see it at http://exocoin.org/index.php?s=whitepaper |
|
|
|
|
|
NWO
|
|
March 17, 2014, 07:44:28 AM |
|
We should help the devs out by getting a logo competition rolling.
Is there any news on second round funding or time frames for the actual coin release?
U can see it at http://exocoin.org/index.php?s=whitepaperThanks +1 I'm glad they are opening second round funding after the open beta. Due to the risk of the first round investors, I hope they are rewarded appropriately. |
|
|
|
|
|
hala
|
|
March 17, 2014, 09:30:55 AM |
|
We should help the devs out by getting a logo competition rolling.
Is there any news on second round funding or time frames for the actual coin release?
U can see it at http://exocoin.org/index.php?s=whitepaperThanks +1 I'm glad they are opening second round funding after the open beta. Due to the risk of the first round investors, I hope they are rewarded appropriately. You are welcome. Thanks for your blessing and I hope this coin will be success, despite I am also a early-bird. |
|
|
|
|
dave5555
Newbie
Offline
Activity: 52
Merit: 0
|
|
March 17, 2014, 04:12:47 PM |
|
Question, can 1st stage investors get in on 2nd stage if they haven't reached limit yet?
|
|
|
|
|
twistelaar
Legendary
Offline
Activity: 1148
Merit: 1000
|
|
March 17, 2014, 04:23:59 PM |
|
Question, can 1st stage investors get in on 2nd stage if they haven't reached limit yet?
yes |
|
|
|
|
|
Tobo
|
|
March 17, 2014, 06:19:18 PM |
|
You are right we shoudl have updated the ETA time there as well. Here is the next version: whitepaper v1.2You can expect a major update on the whitepaper as of 1.3 1.2 "just" have some more/updated screenshots, small text rework but 2 diagrams for better understanding. And added some code snippets. V1.3 will contain security important code implementations (like the whole crypto implementations maybe). As stated - we will use the time from now on for code redesign, generating more debug information, fixing bugs and guard threads. Open beta *ETA* is 30th march (trying to get a working linux implementation until then as well (good chances we get it on-time), otherwise WINE will work at least.....) Website redesign and more "marketing things" will be faced in one or two weeks. +1. Making progress. |
|
|
|
|
|
