On Aug 12 2008, Matthew Toseland wrote: > We can increase the cost significantly and thereby slow the attacker > down. It's still possible, but it's no longer trivial, because they have > to try every key they are interested in against every block in the store
No they don't. They just unplug the network cable, start the node, and request each key they're interested in. Any keys that succeed are in the store. Strictly speaking it's true that obfuscating the store prevents an attacker from enumerating the keys it contains, but that's not really relevant because the attacker doesn't want a list of the keys in the store - they want to know whether certain keys are in the store. If I can find that out by starting the node without entering a passphrase then so can they. Cheers, Michael