A random salt from a range with x values has the same computational requirements as a recursive hash with x rounds.
Even 100K is likely sufficient for your needs but modern CPU are much faster than you are thinking. Throughput is in the millions of hashes per second. If you are willing to wait minutes you could make the salt say a random 32 bit int. Remember it will take you the same amount of time for every typo or misremembered passphrase too.
Still there really is no value of doing it this way over an recursive hash. Given recursive hash functions like PBKDF2 are well researched and extensively used I would always go with that option over any type of "roll your own" cryptography.
Actually, wouldn't it have somewhat fewer computational requirements?
If x = 4, the recursive has has to go through 4 iterations.
However, the random cracker has a 1/4 chance of getting it the first time, 1/2 in the second or first one, and so on.
Not that this is a good thing from a cryptographic point of view, but, you know.
Doesn't recursive hashing reduce entropy? I assume difference is probably too small to matter, though. I don't know, I guess I just like the idea of requiring some randomness to access the coins. If I did it that way, I could have a lot of different addresses in my wallet all using the same key. Of course, the same thing is possible just by adding more hashes for new addresses.
Thanks for the insight.
