Hard to give any kind of security review without seeing the source— but a few comments:
Source should be available this week :-) I'm going to put it up on Gitorious. Seems to be the hot place for BTC related projects!
Very true and I'm taking that into consideration when I'm writing. On one hand, I really wanted to take the attitude that YOU are responsible for choosing a good password but, let's be honest, that's not really fair for users. So yes, I'm going to use padding and strengthening. I've got a great module that does some great work with strengthening and I'll have a look at the one you linked to here too.
The size of someone's wallet leaks information because it grows as you get/send TX but not otherwise. Someone with access to the "cloud" storage file sizes could potentially backtrack an ID to a user by correlating the change in backup size with activity on the ID. This is really hard to prevent completely, but it's quiet easy to drastically reduce the amount of information available: Before encrypting pad the size up to some increment. This will hide some the least significant bits of the size, which have the most entropy. A rounding increment of 4kb wouldn't even use any more space on many filesystems, though a larger one will provide more confidentiality.
Excellent points and I appreciate the feedback. I was thinking 4kb would be good too since it's not very large and most filesystems wouldn't even blink at it. Although, to be honest, the wallet is so small I could almost add an arbitrary bit of padding and it not be a problem.
Thanks!
Rage
