Bitcoin Forum
1681  Alternate cryptocurrencies / Altcoin Discussion / Re: NXT Coin Security on: January 27, 2014, 09:36:11 PM
If true, that would be serious security hole. 64-bit is nothing.
It is true and it is not bug. It is feature. You are welcome to open account №100000  with 100'000NXT onboard for a week Wink

How is weak security a "feature"?

Please explain this to me: If someone has never used their account to send transaction, the attacker needs to brute only first 64-bit to take over that account.

If the account has been used to send a transaction, then all 256-bit are required to take over the  account.

Is that true? Am I missing something?

If yes, please update the site with a fair warning that new accounts must send at least one transaction. Their so-called 30 char password isn't really 30 char. It's only (much smaller) 64-bit (around 11 chars with A-Z letters in caps/small and 0-9 digits).

I did not know this before reading this thread.

Someone might just invest a few thousand dollars, never send a transactions, and that account then is open to brute forcing 64-bit


1682  Alternate cryptocurrencies / Altcoin Discussion / Re: NXT Coin Security on: January 27, 2014, 09:18:25 PM
This is still not clear to me.

Basically, the account number is only 64-bit. The full 256-bit would secure your account if you use that account to send some transaction.

If someone has never used their account for sending transaction but only for receiving money,  brute forcing that account would  be equivalent to brute forcing 64-bit encryption/key.

Wow.

If true, that would be serious security hole. 64-bit is nothing.

A custom built machine can break all these unused accounts with money in it (but have never been used to send transactions) with a week  

Please fix this

a week?   Roll Eyes

DES (predecessor of AES) was 56 bit. In 2008 COPACOBANA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's. Currently SciEngines RIVYERA holds the record in brute-force breaking DES, having utilized 128 Spartan-3 5000 FPGAs. Their 256 Spartan-6 LX150 model has even lowered this time.

64-bit is only 8 times stronger than 56-bit.

64-bit is not secure, especially when  money is involved and off line attack is possible.

Make the accounts at least 80 bit, but 128-bit would be much better.

Break DES in less than a single day
http://www.sciengines.com/company/news-a-events/74-des-in-1-day.html


And that was back in 2009, 5 years ago.



1683  Alternate cryptocurrencies / Altcoin Discussion / Re: NXT Coin Security on: January 27, 2014, 08:10:13 PM
This is still not clear to me.

Basically, the account number is only 64-bit. The full 256-bit would secure your account if you use that account to send some transaction.

If someone has never used their account for sending transaction but only for receiving money,  brute forcing that account would  be equivalent to brute forcing 64-bit encryption/key.

Wow.

If true, that would be serious security hole. 64-bit is nothing.

A custom built machine can break all these unused accounts with money in it (but have never been used to send transactions) with a week  

Please fix this
1684  Bitcoin / Electrum / Re: [Electrum] a brainwallet in twelve words on: January 27, 2014, 10:23:28 AM
"How does electrum ensure that each seed is unique and cannot be Brute-forced?"

First Electrum generates 128-bit random number using cryptogen. The seed is then derived from that number.

So yes, Electrum's seed is very safe.
1685  Other / Off-topic / A hack to steal your Gmail password? on: January 17, 2014, 12:56:59 PM
A few days ago (luckily) I read a PDF document that described a vulnerability in several password managers (like 1Password, LastPass) that when they see say "google.com" domain they will autofill gmail's password field and user name (even if the fields are hidden on page) and when the user clicks on "continue" or "vote" (if it was a poll on the page) the passwords are sent to the hacker.

So today on twitter I saw this guy  

https://twitter.com/CoinMKTCap

giving a link to this page hosted on google.com

(be careful before clicking anything on the page)

https://docs.google.com/forms/d/1IZf5cBivam_93zENT_arFFuvWDidHGjWxoTMVmFSoWg/viewform

Now why on earth would this be on docs.google.com if this is anything legitimate? Why not on your own site?

Right click and "view source" and I do see things like on the page:

^(focus|focusin|submit)$/i,r=/^(input|textarea)$/i,s=/^password$/i,l=!!("placeholder"in x);l|

If this page steals gmails passwords (and I think most likely it does), I would have fallen for this  -- for sure --had I not read PDF that describes the hack just a few days before

https://www.isecpartners.com/media/106983/password_managers_nov13.pdf
  




1686  Economy / Scam Accusations / Re: Somebody hacked my Bitcoin wallet! >:( on: January 15, 2014, 08:29:41 PM
All the new passwords are long, 18-21 characters. Is it stronger now? Or change it to longer?

I would suggest a password manager. I use Lastpass (which I think is pretty secure with 2 FA authentication),  but if you are not comfortable with that, use offline manager like Keepass
1687  Economy / Service Announcements / Fap4coins -- Buy and sell amateur adult content for bitcoin on: December 26, 2013, 02:22:35 AM
A new site where anyone (especially females) can open their own store and sell their adult videos, photos, used panties, used shoes, custom videos, custom photos, webcam and phone chat services for bitcoin.

http://fap4coins.com/

A new site, but hopefully someday it will have as much content as clips4sale Smiley


1688  Bitcoin / Electrum / Re: HELP! ELECTRUM crashed & now I've lost my BTC!! on: November 26, 2013, 06:02:14 AM
Quote
I just can't believe that I am the ONLY person with certain info about the transaction but that won't help me get my coins... SO I have the seed info, it's correct, it brings up either the wrong wallet which is impossible, or it somehow lost the info for my transaction, so to hell with the seed.  How else can I get my coins if I have "TXId" code and "default wallet" files?

Please post the "TXId" code  here

1689  Bitcoin / Electrum / Re: HELP! ELECTRUM crashed & now I've lost my BTC!! on: November 24, 2013, 07:36:55 PM
Do you have a link to transaction tx on blockchain?
1690  Bitcoin / Electrum / Re: HELP! ELECTRUM crashed & now I've lost my BTC!! on: November 24, 2013, 06:58:42 AM
Okay guys you are right and my haste is what got me here in first place.  However I have my seed and have restored 10+ times and tried it all I'm thinking. But let's go step by step.

So from the beginning:

Where do we start?

I have a screenshot of the actual words when I first got them, so what info do you need?

Make sure you are not misspelling the seed. You should have copied and pasted the seed as txt document so you could have restored it with copy and paste again.

1691  Bitcoin / Electrum / Security Question on: November 23, 2013, 03:24:50 PM
Hi,

Just a question

I know that the master seed is created randomly with 128-bit entropy. All the private and change keys are derived from the master seed; so all your keys are related to each other in some mathematical way.

Now, if someone sends bitcoins to internal private key, would it be possible someday (theoretically) that some hacker who looks at the transaction between two of your internal keys on blockchain would be able to figure out the private keys because of that mathematical relation between the two keys?

Has this been looked at deeper? So lets say the transaction happened between 2 keys that were connected by publicly known mathematical function (as is the case with Electrum keys).  Could this create a security hole?








1692  Bitcoin / Electrum / Re: Electrum Cracker? on: November 21, 2013, 06:24:11 PM

Found this on google search,

https://github.com/Evil-Knievel/electrum-cracker

is there any danger to using Electrum?

it looks more like a noob trying to attract attention..
electrum uses the python-ecdsa library to generate the seed, which calls os.urandom(), and not python's random library.
btw, this "cracker" does use python's random library.

on linux, os.urandom is non blocking, meaning that it is safe as long as you don't call it repeatedly (which might deplete your entropy pool).


Yes, I looked it up. On Windows it will be using CryptGenRandom

http://en.wikipedia.org/wiki/CryptGenRandom

which on latest versions of Windows should be pretty secure.
1693  Bitcoin / Electrum / Re: Electrum Cracker? on: November 21, 2013, 08:13:16 AM

If so, why  os.urandom() ? Isn't that python's random module?


I guess on Windows  os.urandom() will  use CryptGenRandom

http://en.wikipedia.org/wiki/CryptGenRandom

1694  Bitcoin / Electrum / Re: Electrum Cracker? on: November 21, 2013, 02:09:34 AM
Here is the original post from the Newbies section https://bitcointalk.org/index.php?topic=329087.0

Hi Guys,

I'm Evil Knievel and I am new here. I'm from the beautiful Brazil and get more and more interested in the question how secure bitcoin eventually is.

"The only way to improve security is to unveil its flaws" - 2013, Evil-Knievel

Unfortunately I am a newbie and restricted to this forum. However I have the feeling, that the Electrum Brainwallet Principle is not fully secure.
Let me first summarize how Electrum works.

In Electrum you have a "Master-Key" which (even when you lose your wallet due to hard disk failure and stuff) you can fully restore all your wallets / change-wallets etc.
This "Master Public Key" what they call it, is represented by a "memorizable" string of 12 random words from a word list.

While in theory (at a word list length of 1626) you have 1626^12 different possibilities we are not yet sure if the search space is really that big. It yet has to be determined if (and how many) collisions e.g. word combinations leading to the same Master-Public-Key actually exist, and yet to be checked if some words are picked more likely than others depending on the entropy coming from python's ecdsa random function.

But as a first step I have come up with an Electrum Cracker, that will search for active wallets created by random combinations of 12 words. I would hope you guys want to participate in that experiment and maybe contribute in this open source project.

Checkout the script on github (https://github.com/Evil-Knievel/electrum-cracker). Hope you like it, and I also hope for an interesting discussion towards electrum's brainwallet stuff.

I haven't known of a response yet from the devs on what is this person referring to

Looking at older archive, I found

Quote
The seed is a 128 bits random number, generated by os.urandom()

The seed is represented as a sequence of words in order to facilitate memorization and storage, but it can as well be represented as a hexadecimal string, or as a number.
For some reason, people tend to perceive words as "less random" than numbers. That's an illusion.

The only thing that actually matters is the number of bits of entropy in your seed (128 bits is considered as very safe, and will probably remain safe until real quantum computers are invented), and the quality of your source of randomness (electrum does not use python's random module)

So as I understand it the words  are used only for memorization, but the actual seed is 128 bit random number.

"electrum does not use python's random module"

If so, why  os.urandom() ? Isn't that python's random module?
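
The quoted reply's point, that the twelve words are only an encoding of a 128-bit number and that the randomness source is what matters, shown as an added example (not code from Electrum or from any poster in this thread). The word list is a constructed placeholder of 1626 entries, the three-words-per-32-bits mapping is an assumption modelled on the old Electrum mnemonic scheme, and all function names are hypothetical.

```python
import os
import random

N = 1626  # word-list length quoted in the thread
# Constructed placeholder words; a real wallet ships its own 1626-word list.
WORDS = ["w%04d" % i for i in range(N)]
INDEX = {w: i for i, w in enumerate(WORDS)}

def encode(seed: bytes) -> list:
    """Map each 32-bit chunk to 3 words; 1626**3 > 2**32, so no bits are lost."""
    if len(seed) % 4:
        raise ValueError("seed length must be a multiple of 4 bytes")
    out = []
    for i in range(0, len(seed), 4):
        x = int.from_bytes(seed[i:i + 4], "big")
        w1 = x % N
        w2 = (x // N + w1) % N
        w3 = (x // N // N + w2) % N
        out += [WORDS[w1], WORDS[w2], WORDS[w3]]
    return out

def decode(words: list) -> bytes:
    """Inverse of encode(); rejects triples that map outside 32 bits."""
    if len(words) % 3:
        raise ValueError("word count must be a multiple of 3")
    out = b""
    for i in range(0, len(words), 3):
        w1, w2, w3 = (INDEX[w] for w in words[i:i + 3])
        x = w1 + N * ((w2 - w1) % N) + N * N * ((w3 - w2) % N)
        if x >= 2 ** 32:
            raise ValueError("triple is not the encoding of any 32-bit value")
        out += x.to_bytes(4, "big")
    return out

def seed_from_os() -> bytes:
    # os.urandom reads the operating system CSPRNG; it is not the `random` module.
    return os.urandom(16)

def seed_from_prng(state: int) -> bytes:
    # `random` is a Mersenne Twister: the same state always yields the same "seed".
    return random.Random(state).getrandbits(128).to_bytes(16, "big")

if __name__ == "__main__":
    s = seed_from_os()
    print(s.hex(), " ".join(encode(s)))
    print(seed_from_prng(2013) == seed_from_prng(2013))
```

Every 128-bit seed round-trips through exactly one 12-word phrase, so the phrase carries the same entropy as the number; a seed drawn from `random` is only as strong as the guessability of the generator's state.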


1695  Bitcoin / Electrum / Electrum Cracker? on: November 21, 2013, 12:20:54 AM

Found this on google search,

https://github.com/Evil-Knievel/electrum-cracker

is there any danger to using Electrum?
1696  Alternate cryptocurrencies / Altcoin Discussion / 10,000 PPcoins on: November 13, 2013, 09:47:07 PM
I want to buy around 10,000 PPcoins.  Any safe way to do it without going through btc-e process?  I don't have BTC coins anyway to do the exchange.  It's been 5 days since I have been waiting for coinbase to confirm account.  We can do it in smaller amount overtime too to minimize risk.
 
I know I don't have history here, but I have  been doing online commerce for years (long feedback on ebay). I can do anything from Amazon gift, to amazon payment, to paypal instant payment, to pyaza, etc.