Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Are seeds created with generateRandomSeed insecure? #181

Open
claykohut opened this issue Jan 14, 2018 · 2 comments
Open

Are seeds created with generateRandomSeed insecure? #181

claykohut opened this issue Jan 14, 2018 · 2 comments

Comments

@claykohut
Copy link

I was previously generating seeds with generateRandomSeed and then using keyStore.createVault with the generated seed -- is that the wrong way to go about creating an account?

I saw another issue talking about how that was possibly vulnerable to rainbow table lookups -- is that the case or was I misreading?

If this is the wrong way to go about generating seeds, should I first be creating a vault and then getting the seed?

Thanks,
Clay
@Moejoe90
Copy link

Can you give a reference to where you might have seen that?

@coder5876
Copy link
Contributor

@claykohut generateRandomSeed should be secure, this is a good way to create a vault. this is not related to rainbow attacks, the rainbow attacks are mitigated by the salt in the keystore.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@claykohut @coder5876 @Moejoe90