Bitcoin Forum
December 03, 2016, 09:46:05 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Are you struggling for passwords for wallet encryption ?  (Read 2114 times)
BubbleBoy
Sr. Member
****
Offline Offline

Activity: 322



View Profile
September 24, 2011, 02:23:33 PM
 #21

It's quite possible, depending on the algorithm used and the size of the attacker. The key-space for 9 characters is 6.37 x 10^17 so assuming it's a SHA256 salted hash then the current bitcoin mining network at 15THash/sec will exhaust the keyspace in 12 hours. The US government can probably do it in minutes. You could rent the current mining network for a small multiple of t 6*50BTC*5$ = 1500$/hour, assuming a market for cracking SHA256 hashes would exist.
To escape even the US government use a 16 character random password not generated by a human (no inter-character memory, characters are statistically independent). That is indeed hard to remember.

You obviously haven't heard of key strengthening.  

I am clearly aware of key derivation - that's why I said "depending on the algorithm" and specified the attack scenario. In fact I went as far as as suggesting the best password derivation scheme at the moment - scrypt - to the bitcoin developers. That would have been even stronger than the dynamic round count they are currently using.

That said, you must realize that you have no control or information over what key derivation scheme sites you visit are using. A key derivation scheme that employs 1 second of CPU time is completely inadequate for a high traffic site - it will bog down the server CPU with a minuscule number of users currently logging in. That's why many sites use simply a salted hash, or a reduced-round variant like the md5crypt that only uses 5000 iterations. That's an extra 12 bits of entropy, but still not enough to protect a weak password.
1480758365
Hero Member
*
Offline Offline

Posts: 1480758365

View Profile Personal Message (Offline)

Ignore
1480758365
Reply with quote  #2

1480758365
Report to moderator
1480758365
Hero Member
*
Offline Offline

Posts: 1480758365

View Profile Personal Message (Offline)

Ignore
1480758365
Reply with quote  #2

1480758365
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
September 24, 2011, 03:46:06 PM
 #22


I am clearly aware of key derivation - that's why I said "depending on the algorithm" and specified the attack scenario. In fact I went as far as as suggesting the best password derivation scheme at the moment - scrypt - to the bitcoin developers. That would have been even stronger than the dynamic round count they are currently using.

Then why did you base a hypothetical attack @ 12 hours using entire bitcoin network.  That would require 1 hash = 1 key.  Even the weakest key derivation funciton would increase that attack scope by a factor of 1000x.

Of course this thread is about bitcoin wallet passwords which do use a much stronger key derivation function meaning your 12 hour "estimate" is off by a factor of at least 50,000x.

Quote
That said, you must realize that you have no control or information over what key derivation scheme sites you visit are using. A key derivation scheme that employs 1 second of CPU time is completely inadequate for a high traffic site - it will bog down the server CPU with a minuscule number of users currently logging in. That's why many sites use simply a salted hash, or a reduced-round variant like the md5crypt that only uses 5000 iterations. That's an extra 12 bits of entropy, but still not enough to protect a weak password.

Which really has nothing to do with this thread but even a 5000 round iteration vastly increases the number of hashes per key.  All your assumptions and "estimates" were based on 1 hash = 1 key which was a problem solved nearly 3 decades ago.
lettucebee
Sr. Member
****
Offline Offline

Activity: 253



View Profile
September 24, 2011, 05:42:38 PM
 #23

God, you guys bum me out!  What should the average person do about passwords?  I got keepass, and I put all my precious passwords in there, like priceless gems that unlock all that matters to me.  But I have to create a password for Keepass, no?  And the strength of that matters more than all the passwords it contains!

ctoon6
Sr. Member
****
Offline Offline

Activity: 350



View Profile
September 24, 2011, 06:15:03 PM
 #24

God, you guys bum me out!  What should the average person do about passwords?  I got keepass, and I put all my precious passwords in there, like priceless gems that unlock all that matters to me.  But I have to create a password for Keepass, no?  And the strength of that matters more than all the passwords it contains!



use multiple words, put a rememberable number in between each number. example is "this80is80my80computer80" if you were born in 1980 and such. its long and will be perfectly fine for normal use. use a unique password for each website. use keepass if you trust that you will keep your computer safe from viruses and such. keep in mind, you can never get your passwords out of keepass if you forget your password or loose the keyfile.

Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!