1
I was reviewing how Electrum wallet protect my seed. They say this regarding seed protection:
Your seed and private keys are encrypted using AES-256-CBC.
Source: http://docs.electrum.org/en/latest/faq.html#how-is-the-wallet-encrypted
My question: AES-256 requires a 256 bit key; yet Electrum password's size is 12 characters as per Riaan Swart [1]. Where do the remaining 160 bits come from for the AES-256 encryption key?
1
Electrum uses hash function on your input to create a key. Now you may be asking what the problem to do a brute force to the short password for all possibilities of hashes and try to crack the key.
Electrum using a hash function, that takes lot of times, to solve. So to create many hashes for brute force it will take forever.
0
You can set any size password in electrum and you can use any size password to encrypt using AES 256. Also the key stretching that Electrum performs on the password is rather minimal. Just a double sha256sum. So a weak password is not going to stand up to brute forcing.
Don't confuse the wallet password with the wallet seed. That is computer generated and provides 135 bits security.
The password is merely used to encrypt the wallet file on your PC. An attacker can steal from you if they have a) the seed words or b) the wallet file + some idea of the wallet password.
Ok, I think i got it. So they hash the password and use the hash as key to encrypt the seed. Is that a fair summary? – Klaus – 2018-01-24T22:15:16.180
Yes. But they use a hash function that takes a lot of time to compute. – Aminadav Glickshtein – 2018-01-24T23:31:56.033