Bitcoin Forum
  Show Posts
761  Bitcoin / Bitcoin Discussion / Re: How to use fiat currencies for Bitcoin offline transactions? on: September 28, 2013, 06:43:59 AM
Off-topic, but: people just don't understand how stupidly fast computers are these days.

A CPU can check about 40khashes per second.

In the original XKCD comic, "Correct Horse Battery Staple" is estimated to have 44 bits of entropy. It is estimated that 40 thousand guesses per second will take about 14 years to crack the pass phrase.

A GPU can do about 300Mhashes/second. At that rate, a passphrase with 44 bits of entropy (2^44 trials) will fall in about 16 hours, 20 minutes.

Storing the result (32 bytes per hash) would take 563 TB.

Rainbow tables reduce the storage requirements with a time/memory trade-off.

Edit: The comic says the average user should not worry about the password hash being stolen. In the case of Bitcoin, it is actually PUBLIC (by design), so that advice does not apply.
I also capitalized all 4 words; that is 1 extra bit of entropy. 4 extra bits if you randomly capitalize (which would be hard to remember (but easy to brute force if you know the 4 words)).

Edit: There is also a step where you convert the 256bit hash to a Bitcoin address. That will take extra time/CPU.
762  Bitcoin / Bitcoin Discussion / Re: Clarification as to how the CA system can now be trusted on: September 26, 2013, 05:24:05 PM
You don't provide a private key. You provide your public key. Your private key is used to prove control over your web-server.

You send the public key in the generate CSR step:
Quote from: RapidSSL
Enter CSR
 

After generating your server's Certificate Signing Request as described in Generate CSR, paste the CSR in the form below. Please make sure that it contains the complete header and footer "BEGIN" and "END" lines exactly as in the example below.

      SAMPLE ONLY

-----BEGIN NEW CERTIFICATE REQUEST-----
-----END NEW CERTIFICATE REQUEST-----

Edit: I went through the steps of generating a more expensive wild-card cert.
763  Bitcoin / Bitcoin Discussion / Re: Clarification as to how the CA system can now be trusted on: September 26, 2013, 05:18:16 PM
My webhost/registrar that has not updated their website since 1999 allows you to generate your own certs.
http://www.reg.ca/certificate.html
Can't find the form off-hand.

Bottom line is that your Certificate Authority should never have the private key for your webserver (unless they are also your webhost). If your CA does not allow you to generate your own Certs for signing, drop them like a hot potato and black-list them in the web-browser. Then come here and tell us who they are so we can black-list them in our web-browsers.

Edit: maybe I should just go ahead and blacklist the cloudflare CA.
764  Bitcoin / Bitcoin Discussion / Re: Please review my Bitcoin Explanation for non-tech users on: September 18, 2013, 09:03:33 AM
Yeah, I am not sure why OP didn't just link to their web-page.

Errors:
  • There are fees. They can often be optional, but it is incorrect to say there are "no fees".
  • Both Money Orders and Wire Transfers tend to be non-reversible. It is incorrect to say only cash is not reversible.
  • Computer destruction can result in a loss of funds. You should have your savings stored off-line (or encrypted with the key stored off-line) in at least two physically separate locations.
  • Sending section is a little weird. Governments frown on people moving large amounts of cash across borders. For paying your neighbour, using cash is probably easier: especially for "grandma". It may be better to say the difficulty of sending a transaction does not change with distance.

765  Bitcoin / Bitcoin Discussion / Re: SHA-256 has no backdoors =/= Bitcoin has no backdoors on: September 18, 2013, 01:15:53 AM
FreeSwan Project
From: http://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/exportlaws.html


Many nations restrict the export of cryptography and some restrict its use by their citizens or others within their borders.


If you look at the page info, you will see that page has not been updated since the year 2000. This also happened around that time:
Apple PowerMac G4 Commercial - Super Computer (Tanks)
They raised the limit to 500Gflops, which caught the PS3 personal computer entertainment system before dropping that law.

While the restrictions you mention were in place: cryptography development moved outside the United States. I remember having to be careful to download the non-US versions of Debian since it was illegal to re-export strong cryptography. It appears what happened is that the powers-that-be decided exporting cryptography would be allowed. The catch is that now standards developed in the US are suspect.

PS: this thread now has 3 people from my (exclusive) ignore list participating in it. Maybe I should stop commenting.
766  Bitcoin / Bitcoin Discussion / Re: SHA-256 has no backdoors =/= Bitcoin has no backdoors on: September 17, 2013, 07:23:35 AM
Time to shut up, listen, and learn. School is in session.


One of two articles, the first showing how NSA puts backdoors in encryption.


Quote
Did NSA Put a Secret Backdoor in New Encryption Standard?

By Bruce Schneier
Wired News
November 15, 2007

Link: https://www.schneier.com/essay-198.html




Second article.

Yall outa know by now, NSA will NOT let any cryptography be released that THEY are not going to be able to plant a backdoor in. The nation's security is too important to leave anything to chance.



Quote
New York Times provides new details about NSA backdoor in crypto spec
The paper points a finger definitively at the long-suspected Dual_EC_DRBG algorithm.

by Megan Geuss - Sep 11, 2013 3:00 am UTC
Link: http://arstechnica.com/security/2013/09/new-york-times-provides-new-details-about-nsa-backdoor-in-crypto-spec/




Class is dismissed.


The NSA has to allow secure algorithms to secure their own data. They use AES (possibly with a different key schedule) and SHA-256 AFAIK.

What these revelations mean is that you have to do your homework before using cryptography. Something most users are not going to be able to do. As a result, they will be vulnerable to degradation attacks whereby hosts are tricked into using weak algorithms. These revelations mean the NSA has been making it easier to choose weak algorithms.

For example, I recently disabled password authentication so that I can securely access my computer remotely (Using RSA-based public key authentication). In the sshd_config file, I also disabled version 1 of the protocol, MD5 hashing, as well as 3DES and arcfour (RC4) encryption. This means that my computer will refuse to negotiate a connection using those weaker protocols.
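Added example (not part of the original post and not its author's code): a small audit that checks an sshd_config for the settings the post describes turning off. The two sample configs are constructed; treating an unset Ciphers or MACs line as a finding and ignoring Match blocks are assumptions of this sketch.

```python
import re

# Algorithm names the post says were disabled, spelled as OpenSSH spells them.
WEAK = {
    "ciphers": re.compile(r"3des-cbc|arcfour(128|256)?"),
    "macs": re.compile(r"hmac-md5(-96)?(-etm@openssh\.com)?"),
}

# Constructed sample: legacy settings of the kind the post turns off.
LEGACY_SAMPLE = """\
Protocol 2,1
PasswordAuthentication yes
Ciphers aes128-ctr,3des-cbc,arcfour
MACs hmac-md5,hmac-sha1
"""

# Constructed sample: one way to express the choices described in the post.
HARDENED_SAMPLE = """\
Protocol 2
PasswordAuthentication no
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha2-256,hmac-sha2-512
"""

def parse_sshd_config(text):
    """Map lower-cased keyword -> value; the first occurrence wins, as in sshd."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip())
    return settings

def audit(text):
    """Return a list of findings for the four settings the post hardened."""
    cfg = parse_sshd_config(text)
    findings = []
    if cfg.get("passwordauthentication", "yes").lower() != "no":
        findings.append("PasswordAuthentication is enabled")
    if "1" in re.split(r"[\s,]+", cfg.get("protocol", "2")):
        findings.append("Protocol 1 is allowed")
    for keyword, weak in WEAK.items():
        value = cfg.get(keyword)
        if value is None:
            findings.append(f"{keyword} not pinned; server defaults apply")
        elif not value.startswith("-"):  # a "-list" only removes algorithms
            for name in value.lstrip("+^").split(","):
                if weak.fullmatch(name.strip()):
                    findings.append(f"{keyword} allows {name.strip()}")
    return findings
```

Calling `audit()` on the text of a real `/etc/ssh/sshd_config` returns an empty list only when all four settings are explicitly pinned to the stronger choices.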
767  Other / Meta / Password timeout suggestion on: September 14, 2013, 08:10:27 PM
Hello,

Waiting 45 seconds to re-enter your password can be frustrating. However, today I was busy during those 45 seconds because I entered the password from another website. I was changing my password on the other site.

My suggestion:
If the password is incorrect (presumably if the user-name is incorrect too to avoid a distinguishing attack), perhaps the intermediate screen should post suggestions for good security like:

If you accidentally entered the password from another website, you should go change that password now.

If your Password is on this list: you should change your password.

If your password is on this list: you should change your password.

You should write your passwords down or keep them in a key-ring. Your passwords should be randomly generated. (This one will be controversial: however I think advice to never write down passwords results in password re-use or forgotten passwords).
 
Edit: Removed Facebook link for top 25 list. I have no idea why a major news organization would link to a facebook page rather than a press-release. I have one theory: to keep the masses ignorant and dependent on them.
768  Bitcoin / Bitcoin Discussion / Re: SHA-256 has no backdoors =/= Bitcoin has no backdoors on: September 14, 2013, 07:45:24 PM
Hehe. U r close to compare me with Hitler.
Uh, no.

Quote
If u r not a schoolboy u should use mathematical notation instead of vague words. Try again.
The wikipedia page gives a little more detail about 3DES. Encrypting 3 times does not triple the strength of the cipher. However, it also does not weaken it.

double sha2 is weaker than sha2 in some aspects.

I'm not sure that anyone has ever proven that sha2 hits its whole 'probability' space (2^256); if it doesn't do that it will be losing entropy by repeated applications.

more data in(a big fat block of data), means more random out. less data in(a single 256-bit sha2 hash), means less random out.
So kokjo is pointing out that nobody has proven that SHA-256 has a completely uniform probability distribution.

That does not imply that a second iteration makes the combined hash weaker for the reason fpgaminer pointed out. The example he used was to assume double-SHA-256 has about the same cryptographic strength as MD5. I will make a weaker assumption: assume the second hash has reduced variability because of the limited input size.

Once the attacker determines the intermediate hash in 2^80 time, they have a problem: they must now break the remaining 'single' hash. I suppose I should prove that later rounds don't undo the work of earlier rounds: but frankly, I don't have the time right now.

769  Bitcoin / Bitcoin Discussion / Re: SHA-256 has no backdoors =/= Bitcoin has no backdoors on: September 14, 2013, 10:10:44 AM
Care to prove?

fpgaminer proved it; you are just bad at math (basing this partially on your previous thread). If you are of Middle-school age, the math may be just a little advanced for you.

I mentioned 3DES because it is an example of a weak algorithm being strengthened by repeated application.

Running SHA-256 twice buys us some time if 'single' SHA-256 is found to be broken.

If you want to confirm that Bitcoin simply runs the standard SHA-256 twice, you have only to check the source-code.
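Added example (not part of the original post and not Bitcoin's source code): the claim that Bitcoin runs standard SHA-256 twice can also be checked from outside the source, by rebuilding the 80-byte header of the genesis block from its public field values and hashing it with a stock SHA-256 library. The function names are this example's own.

```python
import hashlib
import struct

# Public field values of the genesis block (height 0).
VERSION = 1
PREV_HASH = bytes(32)  # no predecessor
MERKLE_ROOT = "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
TIMESTAMP = 1231006505
BITS = 0x1D00FFFF      # compact encoding of the proof-of-work target
NONCE = 2083236893
EXPECTED_HASH = "000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"

def serialize_header():
    """Build the 80-byte header: little-endian integers, hashes byte-reversed."""
    return (struct.pack("<I", VERSION)
            + PREV_HASH
            + bytes.fromhex(MERKLE_ROOT)[::-1]
            + struct.pack("<III", TIMESTAMP, BITS, NONCE))

def sha256d(data):
    """Standard SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def block_hash(header):
    """Block hashes are displayed with the digest bytes reversed."""
    return sha256d(header)[::-1].hex()

def target_from_bits(bits):
    """Expand the compact 'bits' field into the full integer target."""
    exponent, mantissa = bits >> 24, bits & 0xFFFFFF
    return mantissa << (8 * (exponent - 3))

def header_is_valid(header):
    """True when the double hash matches and meets the proof-of-work target."""
    digest = block_hash(header)
    return digest == EXPECTED_HASH and int(digest, 16) <= target_from_bits(BITS)

if __name__ == "__main__":
    print(block_hash(serialize_header()), header_is_valid(serialize_header()))
```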
770  Bitcoin / Bitcoin Discussion / Re: SHA-256 has no backdoors =/= Bitcoin has no backdoors on: September 13, 2013, 10:16:25 PM
Why don't you read up on Triple-DES and then restate your question?

Hint: Running SHA-256 twice does not in any way make it less secure.
771  Bitcoin / Bitcoin Discussion / Re: Small Town Mayor in Michigan Starts Accepting Bitcoin on: September 13, 2013, 06:55:29 PM
The Libertarian and Pirate Parties in Canada accept Bitcoin. And no, you are not allowed to make significant contributions without identifying yourself. I believe you have to be a Canadian citizen as well. Any excess contributions we can not account for are essentially a donation to the Government.

Edit: It would be interesting if we could convince the Receiver General to post a public Bitcoin address.
772  Bitcoin / Bitcoin Discussion / Re: Bitcoin is slowly shit. on: September 12, 2013, 08:54:39 PM
I have heard you can add a fee after the fact by using the coin as an input in a fee-paying transaction. This would likely require manual coin manipulation though.

773  Bitcoin / Bitcoin Discussion / Re: Customers to decide if eBay should adopt Bitcoin, will they? on: September 09, 2013, 06:53:17 AM
Ebay does have an officially recommended escrow service (mainly for big-ticket items). For small purchases, the fee is 3.25% or $25; whichever is greater.

I sent a paper letter to escrow.com two years ago explaining Bitcoin and mentioning how m-n transactions can simplify the escrow process.

It is possible that somebody looked into it further without getting back to me.
774  Other / Off-topic / Re: Do girls use Bitcoin ? on: September 09, 2013, 05:35:51 AM

A pretty solid (and AFAIK, never refuted) "Tits or GTFO" defense was on page 10.
Quote


By that logic, about half the interesting 'guys' you meet on the Internet must be girls in real life (they do make up about half the population, after-all). You see, truly interesting girls have no reason to reveal their gender: so they won't.
 
775  Other / Off-topic / Re: Do girls use Bitcoin ? on: September 08, 2013, 07:52:19 PM
I keep hoping this thread will improve. The highlight for me was the picture with the small birds.

Logged in just to ignore a certain miner.

Obviously some women do use Bitcoin. Why that implies they have to show you pictures... I don't know.
776  Other / Beginners & Help / Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer on: September 08, 2013, 09:21:01 AM
Bitcoin unaffected. Correct?

Android had weak enough number generation to break Bitcoin security. In this case, only NSA with the secret keys would be able to get your key. That assumes the Intel hardware number generator is used; which would likely be OS dependent.

First step is to ask Intel what random number generator they actually use.

Edit: OP's wikipedia link says "The generator uses an on-processor entropy source, which passes the randomly generated bits to an AES (in CBC-MAC mode) conditioner to distill the entropy into non-deterministic random numbers." -- which does not sound like the back-doored random number generator. However, Theodore Ts'o is quoted in that same article pointing out that all Intel has to do to add a back-door is encrypt the random numbers with a key known to the NSA. You could defeat this by re-encrypting the output of the random number generator with your own encryption key (derived from an independent source).
Edit2: the above back door would only work if the true entropy source before scrambling is predictable enough.
777  Other / Meta / Re: It has become an absolute joke on: September 08, 2013, 08:28:29 AM
I thought about putting advertising in my sig... for about 3 seconds.

The only reason I considered it is that my sig was bad-mouthing Eligius for too long :P

With the NSA revelations, EVERYBODY should be putting their OpenPGP fingerprint in their sig; just like me :D

Disclaimer: OpenPGP does not prevent metadata analysis.
778  Other / Beginners & Help / Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer on: September 08, 2013, 07:12:58 AM
The document in question specified 4 algorithms; only one is back-doored.

OP seems to be using the code-name coincidence to claim that Intel deliberately chose the slower, back-doored one.

I stopped trusting Intel after "Intel Insider" was introduced with the Sandy Bridge (appears to be DTCP with the latency restriction of the first hop relaxed).

Edit: wait: DTCP uses AES. Can we decrypt "premium content" if the OP's claims are true?
779  Bitcoin / Bitcoin Discussion / Re: Bitcoin is becoming less and less adopted... on: September 07, 2013, 11:19:27 PM

If you select the log scale you will see the trend-line shows the number of Bitcoin users doubling every year. I am fairly certain the world population is growing at a slower rate. Looks like there was a large peak in the spring. They'll be back.

Where could I see these numbers?

On the left-hand side of that chart you linked to. Selecting the log scale simply converts exponential growth into a straight line so that you can clearly see the rate of growth with a trend-line.

780  Bitcoin / Bitcoin Discussion / Re: BTC will never extend more on: September 07, 2013, 11:04:38 PM
Exactly the contrary is the case. Bitcoin eliminates scam if used properly.
How many vendors are paid with stolen credit cards?
The security can be increased even more with Namecoin identity systems where the vendor is going through an identification and his public key and other details are stored in an id/vendor
http://dot-bit.bit/Namespace:Identity

I don't think Namecoin does what you describe. Identifying using a namecoin address is about as convincing as identifying with a Bitcoin address. What namecoin brings to the table is irrevocable, hijack resistant domain names.


That url is broken even after I replace .bit with .net :P

Edit: Plus with .onion records, DNS servers no longer need a public IP address.