Re: [ANN PoS+ PoW] eXocoin [EXO] - gen 2.0 - developed from scratch! Free Give-Away
No, I actually thought of AES256-CBC:
Quote
Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change).
https://en.bitcoin.it/wiki/Wallet_encryption
Exactly what I said. AES is encryption. It's not applied "repeatedly". The password is HASHED repeatedly (in this case with SHA512)
PBKDF2 does exactly the same thing
http://en.wikipedia.org/wiki/PBKDF2
The encryption can still be AES with PBKDF2
So it works like this.
User's password = password
Hash the password, lets say 100,000 times to slow brute force.
100,000 times: password = Hash (password) ..
Use the end result of that 100K hashes to encrypt with AES
You are right, that is exactly what should be done. Thanks for straightening this out!
Your turn, eXo_coin...
