02-11-2018, 07:20 PM
This discussion would also be interesting here: https://hashcat.net/forum/thread-6405-po...l#pid39256
Basically, if you can reveal at least the last 2 blocks (2*16 bytes = 32 bytes) of the encseed and you know the encseed length and ideally also the raw seed length (which might be always the same!), you could perform an attack on the padding bytes (PKCS#7) without even the need to reveal the seed, bkp, ethereum address etc (of course also without leaking the public and private keys)
Basically, if you can reveal at least the last 2 blocks (2*16 bytes = 32 bytes) of the encseed and you know the encseed length and ideally also the raw seed length (which might be always the same!), you could perform an attack on the padding bytes (PKCS#7) without even the need to reveal the seed, bkp, ethereum address etc (of course also without leaking the public and private keys)