Show Posts
|
Pages: « 1 2 [3] 4 5 6 »
|
you dont knoe privkey, in this situatio you cant suvstracr
I didn't think it needed any further explanation, but well, of course, you need to subtract public key of 55 from public key of 99 to get public key of 44.
|
|
|
You can just subtract divider from original key (99-55 = 44) to get same results without complex EC divisions and multiplications.
|
|
|
This cannot be done without knowing the private key.
|
|
|
Hello, I have a question. I want to run a kangaroo using 4ea 3080ti graphics cards.
The option is... -gpu -gpuId 0,1,2,3 findchk.txt I use it like this.
It doesn't speed up as much as when you use a graphic card. When using 1ex graphic card, speed is 1300 MK/s.
When using a 4ex graphic card, speed is 300Mk/s.
I don't know where it went wrong. Thank you in advance.
Don't use cpu at all, -t 0 Check your grid size. Also, if you use low dp setting with fast gpu, too many points enters main hashtable, this slows down overall speed.
|
|
|
Hello everybody. The question arose. How to determine between the two public keys which is bigger? In addition to the subtraction function. Example. 123456789 private key is not known to us. His public key. 025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b
And accordingly his rival. 12345678a private key is not known to us His public key. 02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80
Thanks for the answer.
There is no way to do this. If it were possible, the ecc would be completely broken.
|
|
|
No, you have to check 2^(256-96) = 2^160 keys in average to find the private key to a specific address.
yeah, you're right here, I wrote it wrong.
|
|
|
Ok, thank you so much, so let's say i want to bruteforce a specific publickey that has for example 1,000 bitcoins in it. so my questions are: so does the publickey that i want to attack for example using Kangaroo exists only 1 TIME with its privatekey in the whole range of 2^160 is that right ? so if i want to get that unique private key from its unique publickey, i need to bruteforce from 0 to 2^160 in order to get it, is that also correct?
Kangaroo works with specific public key only, not the address, so you have to check whole secp256k1 keyspace to find it - 2^256 (using symmetry and endomorphism this can be reduced to ~2^254) If we talking about bruteforce like bitCrack, you have to check 2^97 keys in average to find specific address (not the specific public key)
|
|
|
guys dumb question, there are 2^256 private and public keys and total of 2^160 addresses, so 2^256/2^160 = 2^96 keys per address. but how can be 2^96 keys that connect to same address? so what changes then? does public key stay the same and only private key changes, or does both changes with 2^96 address each one..?
Every private key has it own unique public key, but hashing of different public keys may produce same hashes (addresses). Thus, in average, 2^96 different public/private keys have the same address.
|
|
|
Yes, indeed I calculate (-k*G + k*G) as any other EC addition using this function : LamAdd = ((b[1] - a[1]) * modinv(b[0] - a[0], P)) % P
As I said before, there is no exists inverse of zero (a[0] = b[0], b[0]-a[0] = 0) If you modinv() function returning something with a zero argument, this is mean that is a wrong (or simplified - without error checking) implementation of modular multiplicative inverse. And that is why you're getting unexpected strange numbers in result. Basically, zero-point, or identity point cannot be calculated, it is defined as [0;1;0] in projective coordinates or [P,0] in affine. Due to all of this, addition algorithms should contain something like "if (p1.y != p2.y and p1.x == p2.x) return zero"
|
|
|
Maybe the zero infinity point is just an abstract notion and therefore we are not allowed to calculate (-k*G + k*G) as a normal addition.
You can't calculate -P+P in a "normal" way, because this points have same X, so it will lead to division by zero (or, if we talking about EC math - multiplicative modular inverse of zero which doesn't exist). -2*G + 2*G=(49667982834466148699028630885550314015746939561788444090107179747772288677390, 37758011528734597361759657276645959964664126776856991748971785837209648797521).
Nobody can't help you here, until you explain how exactly you're calculated this numbers
|
|
|
Zero point in secp256k1 is point with zero Y (X = P = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F) All basic calculations is applies in EC math, so: -k1*G+k1*G = -k2*G+k2*G = zero I don't know why are you get different results with 1*G and 2*G, you should check your calculations.
|
|
|
Let's say I'm still in superposition and can be at two points at the same time. I will return to my question. Could it be easier to find a private key when you know the twin brothers?
I don't need glory. One way or another, everything will become the property of mankind. (or it won't.)
No. Collisions still randomly distributed throughout whole keyspace. Some addresses may have no collisions at all. If you find one collision, it will not help you find another collision or solve the ECDLP.
|
|
|
When I look at this picture I see that this one value for x and y of R has millions and billions different pairs of x and y of Q and P I mean just change the slope of the line
Of course it has. Equation like x+y = 10 has infinite number of solutions.
|
|
|
PS. have an off topic question: Ethereum blockchain have some interesting transaction that signed with unusual R signature like this: 000000000000000000000000000000000000000000000000000000000000002D or 1820182018201820182018201820182018201820182018201820182018201820 or 8208208208208208208208208208208208208208208208208208208208208200 R=K*G.. how he calculated k for this beautiful R ?
That is smart contract transactions, read here: https://eips.ethereum.org/EIPS/eip-1820
|
|
|
now my is stable up to 252 bit. and yours? Ps. of course you have script, becouse it is math, the problem is with precision , and it depends form kind of algo you will use, sometimes must be somethng changing, but you have not ansered, what kind algo? if you don;t know then you have use one of google scipt. my task:)
Did you write something about algorithm in your own script? Why I have to uncover my mathematical poetry? But ok, this is not secret - algorithm is well known lattice reduction, as was already mentioned on this forum. It works perfectly with only 4 known bits of nonces (yes, up to 252 bit nonces) and any private key length. I don't know why you also required reduced private keys. Also I don't understand what a problem you mentioned with different nonce sizes. If all of nonces is beetween 2**1 and 2**240 then it is obviously that we know that at least first 16 bits are zeroes - this is enough for construct the matrices, and other 240 bits do not matter whether there are zeros or not. This code is very close to my own.
|
|
|
You offer script "where nonce and privatekey cannot be more than 240 bit" My script can recover keys with the same conditions.
|
|
|
Please don't sell to other . I will pay ten time as them , but please not to them! you will ruined me!!!
just PM me now!
@ok we laughed , now time to go sleep now
What are you laughing at? I have same script as yours - it can recover private from multiple transactions with reduced nonces. And i offer it for 1.5 BTC.
|
|
|
yep, for 2 BTC on my address account, if I received, then I will give you. Are we ok?
I'm offering the same script as yours for 1.5 BTC
|
|
|
The problem was a double giant step. Now I have removed the double giant step and in my opinion everything works as it should. I run several tests with different small -w -p options with 1024 pubkeys file and all keys are founded. True, now the total indicator is 2 times less, due to the fact that the step is normal. You can run all sorts of tests with keys and check. If there are any bugs, let me know. release 1.7.0 available on github.
What the kind of problem was? I think you exploited symmetry to double size of giant steps? Why it did not find some keys?
|
|
|
Does anyone know of a website or app where I can input the EC points and it will visually show the addition on a graph of the curve/field?
This would greatly help with my school presentation.
Thanks.
you can try to use this tool - https://www.desmos.com/calculator/ialhd71we3
|
|
|
|