Bitcoin Forum
July 27, 2017, 09:03:12 PM *
News: BIP91 seems stable: there's probably only slightly increased risk of confirmations disappearing. You should still prepare for Aug 1.
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: Decrypting "My Wallet" Second Password  (Read 1418 times)
Offline Offline

Activity: 1

View Profile
July 02, 2012, 07:03:01 PM


The webpage details how the "My Wallet" information is stored as a JSON object, and then encrypted using AES-256.

The webpage also explains how the private key is encrypted with a "secondary password".

When you attempt to Export your "My Wallet" information, you have the option to "Leave Private Keys Encrypted".  This results in your private keys staying encrypted, and is displayed in a readable format similar to this:

    "priv" : "ASDKFcqMh7jfsuLgtdMwvrw29lBjfaH3gshahklrQ+v9KOxFAULDljGV7SKTXQF7QL8KWqdcjjsgk95tlMYHHg=="},
    "sharedKey" : "5ad12271-57d5-6ad8-79ce-49755a99f539",

The webpage also shows how encryption occurs like this:
var encryptedPK = Crypto.AES.encrypt(encrypted_pk, sharedKey + secondPassword);

I would like someone to explain how I can decrypt my "priv" key from the the ciphertext in the JSON object above.

I had assumed that I could simply plug the relevant values into an AES decryption routine - to derive the plaintext of my private keys.  However, I've not been able to decrypt this successfully when plugging my values in (taken from my own export) into a site such as these below:

I would like to verify for myself EXACTLY how the secondary password may decrypted, by using a website outside of blockchain to test the decryption - breaking down the operation clearly - so I can see what's going on.

Essentially, I would like to decrypt the "priv" string above, using my own the knowledge of my sharedKey and the SecondPassword.

How can I do this please?  Can someone provide a step by step breakdown of exactly how I can do this decryption please?

Many Thanks,

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Hero Member
Offline Offline

Posts: 1501189392

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Offline Offline

Activity: 8

View Profile
May 18, 2017, 01:24:36 PM

i am too interested in this ...any chance to decrypt?
Offline Offline

Activity: 1162

<3 Vanity Addresses :)

View Profile
May 18, 2017, 07:39:25 PM

however, I've not been able to decrypt this successfully when plugging my values in (taken from my own export) into a site such as these below:
Well its creation so you should ask them how exactly their function work and why when you put your values there it doesn't work u think it should.
There is low chance that some computer science guy will answer you, probably just support that have 0 knowledge over this.
So you can always brute-force this function especialy when you have password that you can put to make brute-force easier.

Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!