Bitcoin Forum
June 26, 2019, 05:12:10 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 [11] 12 »  All
  Print  
Author Topic: 2^256 Deep Space Vagabond  (Read 38336 times)
BurtW
Legendary
*
Offline Offline

Activity: 2478
Merit: 1044

All paid signature campaigns should be banned.


View Profile WWW
September 30, 2014, 12:24:40 PM
 #201

Any news from Hash Hyena?

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
1561569130
Hero Member
*
Offline Offline

Posts: 1561569130

View Profile Personal Message (Offline)

Ignore
1561569130
Reply with quote  #2

1561569130
Report to moderator
1561569130
Hero Member
*
Offline Offline

Posts: 1561569130

View Profile Personal Message (Offline)

Ignore
1561569130
Reply with quote  #2

1561569130
Report to moderator
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1561569130
Hero Member
*
Offline Offline

Posts: 1561569130

View Profile Personal Message (Offline)

Ignore
1561569130
Reply with quote  #2

1561569130
Report to moderator
1561569130
Hero Member
*
Offline Offline

Posts: 1561569130

View Profile Personal Message (Offline)

Ignore
1561569130
Reply with quote  #2

1561569130
Report to moderator
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 04, 2014, 01:24:26 PM
 #202

Any news from Hash Hyena?

Hi Burt,

a lot of progress, and a small amount of BTC claimed already, but nothing we would brand as "news" yet. Poke around the web a bit over the past week and a half and you will start to see a pattern or trend of people asking "did anybody else have their bitcoin stolen"? or things of that nature,  but we have not hit a target big enough, or enough small targets to brand it or make it news worthy as any publication of anything at the moment will result in nothing but a bunch of trolling from the mindless masses of sheeple in the crypto currency space. As time progresses more and more clear patterns emerge where the real source of the missing bitcoins come into question things will become more clear. For now, if you are one of those unlucky few who have become victims. Please maintain the address your BTC was hijacked from as we will be returning it to its rightful owners once enough have been collected to make an impact, all you will need to do is show you can send a transaction from the hijacked address showing you were the original holder of the private keys for that address.

In the interim, anybody wanting copies of some of the tools we are using, and help getting set up so you too can participate, please contact us and we can get you some of the pre-release versions with limited functionality (still enough to start grinding away at claiming BTC). we are aware that there will be people with malicious intents using this software and we can do nothing about that, but we ask that you refrain from doing so and that any BTC you can claim and move is returned to its rightful owners upon proving they were in possession of the keys for that address in the first place

Things you will need beyond our tools.

Either a dedicated Linux machine, or a VM with at least 2gigs of ram.
JRE and JDK
a host machine with fair amount of hard drive space and recommended 4 gigs of ram.

We will gladly walk you through getting everything set up until requests exceed our time limits, please keep in mind we are still working hard at finishing all the tools so everyone can participate so we are limiting our time in "setup assistance"
Korbman
Legendary
*
Offline Offline

Activity: 1064
Merit: 1000



View Profile
October 04, 2014, 04:55:03 PM
 #203

Any news from Hash Hyena?
In the interim, anybody wanting copies of some of the tools we are using, and help getting set up so you too can participate, please contact us and we can get you some of the pre-release versions with limited functionality (still enough to start grinding away at claiming BTC). we are aware that there will be people with malicious intents using this software and we can do nothing about that, but we ask that you refrain from doing so and that any BTC you can claim and move is returned to its rightful owners upon proving they were in possession of the keys for that address in the first place

Alright, I'll bite thanks to my incessant curiosity. PM sent, and I'll put together a review if permitted.

bit4all
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
October 13, 2014, 06:05:02 AM
 #204

Any news from Hash Hyena?

Hi Burt,

a lot of progress, and a small amount of BTC claimed already, but nothing we would brand as "news" yet. Poke around the web a bit over the past week and a half and you will start to see a pattern or trend of people asking "did anybody else have their bitcoin stolen"? or things of that nature,  but we have not hit a target big enough, or enough small targets to brand it or make it news worthy as any publication of anything at the moment will result in nothing but a bunch of trolling from the mindless masses of sheeple in the crypto currency space. As time progresses more and more clear patterns emerge where the real source of the missing bitcoins come into question things will become more clear. For now, if you are one of those unlucky few who have become victims. Please maintain the address your BTC was hijacked from as we will be returning it to its rightful owners once enough have been collected to make an impact, all you will need to do is show you can send a transaction from the hijacked address showing you were the original holder of the private keys for that address.

In the interim, anybody wanting copies of some of the tools we are using, and help getting set up so you too can participate, please contact us and we can get you some of the pre-release versions with limited functionality (still enough to start grinding away at claiming BTC). we are aware that there will be people with malicious intents using this software and we can do nothing about that, but we ask that you refrain from doing so and that any BTC you can claim and move is returned to its rightful owners upon proving they were in possession of the keys for that address in the first place

Things you will need beyond our tools.

Either a dedicated Linux machine, or a VM with at least 2gigs of ram.
JRE and JDK
a host machine with fair amount of hard drive space and recommended 4 gigs of ram.

We will gladly walk you through getting everything set up until requests exceed our time limits, please keep in mind we are still working hard at finishing all the tools so everyone can participate so we are limiting our time in "setup assistance"
Multisig addressses solves the risks associated with an address controlled by a single private key.
RoadStress
Legendary
*
Offline Offline

Activity: 1862
Merit: 1002


View Profile
October 13, 2014, 06:50:32 AM
 #205

I the mean time, any developers who want to jump on board to help speed up development for the user friendly platform, please message us, there are about a dozen of us [developers] working on this now, along with a few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education.

This is an interesting project, but I have some questions as a spectator of it. Do they do it as a hobby in their free time? If not then who is paying the team? Are they on a payroll? What is your budget that you are dedicating to this whole operations? Because you can't do it with 3.3 BTC.

H/w Hosting Directory & Reputation - https://bitcointalk.org/index.php?topic=622998.0
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 14, 2014, 12:33:24 AM
 #206

I the mean time, any developers who want to jump on board to help speed up development for the user friendly platform, please message us, there are about a dozen of us [developers] working on this now, along with a few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education.

This is an interesting project, but I have some questions as a spectator of it. Do they do it as a hobby in their free time? If not then who is paying the team? Are they on a payroll? What is your budget that you are dedicating to this whole operations? Because you can't do it with 3.3 BTC.

We are a little confused  as to your questions. Are you asking do we get paid to play around with brute forcing and birthday attacking the bitcoin address key space? Or is someone paying us to exploit the PSRNG faults in most wallet clients?

As for budget, we dont have nor need one. The whole project is nothing more than a now large and ever growing collection of people from various aspects that relate to the project in some fashion either writing code, improving methods, researching and calculating various stuff or just dedicating a little computing resources to the project. The core team funds our own hardware ( hard drives, electricity, servers, and massive raw computing power) It is all play money, dedicated to being wasted on having fun with exploiting anything bitcoin we can. Any exploits, faults, issues we find with any wallet client, web service, etc. usually results in a report being sent to the service provider notifying them of the issue. One of the biggest wallet clients in use today had one of the biggest problems that was easy to exploit. within 2 weeks of reporting it with a demonstration to show exactly what was happening they had released the next version which fixed the problems.

^ they wished not to be named to avoid false panic as everyone that downloads the latest release will no longer have the issue.
btchris
Hero Member
*****
Offline Offline

Activity: 672
Merit: 501

a.k.a. gurnec on GitHub


View Profile WWW
October 14, 2014, 03:49:30 PM
Last edit: October 14, 2014, 04:06:52 PM by btchris
 #207

Hash Hyena, I have a couple of questions / points which I hope you can address. The first is related to your interim key generation recommendations.

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.
1: use vanitygen to generate an address which falls far out of reach of the clustered address space, for example, the odds of your address eventually becoming part of someones catalog if it starts with 11121******************* is 667% more likely to happen then if your address starts with 1iBPq******************* for example.

Given that vanitygen is just another CSPRNG, and therefore flawed by your reasoning, why would you recommend it over any of the others you mention above (all of which use, exclusively or at least in part, the same OS-provided source of entropy)? In fact, vanitygen intentionally decreases entropy when it throws out generated keys which do not match the predetermined pattern, which would (slightly) decrease the security of the generated keys.

2: Use real world high entropy sources, a deck of cards, Hexadecimal dice, numbers and letters pulled from a hat. Myself personally and a few of the guys already on the team for this project we throw darts at a very large dart board that we made that has 0-9, a-f listed about 400 times each in a random pattern on a 4' X 4'  custom dart board we made. The entropy is higher if you are drunk when throwing the darts as your hand eye coordination makes it like trying to hit a moving target  Wink

First of all... how did you generate the random pattern of digits on your dartboard to begin with?

Regardless, any single set of random data is of course itself randomly biased, including your dartboard, and re-using it naively like this (I assume you don't create a new dartboard for each throw) combined with human bias will introduce that bias into its output. For example, it's very likely that there exists a hex digit on your dartboard which occurs less frequently on the periphery than it does towards the middle. Since I presume you'd avoid aiming your darts such that they might miss the dartboard, this hex digit is more likely to occur in your generated output.

In fact, a much better approach which would lead to less biased random numbers (assuming that the individual target boxes are small enough) would be to use a regular repeating pattern for the dartboard, where each 4x4 section contains exactly all 16 hex digits. How is it that nobody on your team caught this?

(This is to say nothing of the fact that throwing 64 darts at a dart board is silly-inefficient compared to just shuffling (well) a deck of cards...)


Next, moving back to your assessment of alternative clients:

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.

Paperwallet is a better source as it uses coordinates of a mouse on the screen so it has i direct input which affects the output. Something like that built into a wallet client would not be feasible as no person is going to sit behind a PC at bitpay and wiggle a mouse every time someone needs a payment address generated.

First it should be noted that all of the clients you mention above (including BitAddress.org, which is I assume the paper wallet to which you refer) begin with the same source of OS-provided entropy (/dev/random on Linux/BSD or CryptGenRandom on Windows). Even though these two sources of entropy are in part provided by deterministic processes, they also use external human-influenced sources to maintain their internal state, e.g. the starting of programs, the initiating of or receiving of network traffic, the timings of writing to or reading from disks, etc. It is inaccurate to claim that the wallet clients you mentioned do not use significant amounts of human-source entropy.

Next, let's move on more specifically to your assertion that "through heavy testing that Armory ... has the same problems." Given that Armory gathers entropy from some of the same sources [github.com] as "paperwallet" (in fact it gathers entropy from many more human-influenced sources than "paperwallet"), can you explain why Armory has a flawed CSPRNG, whereas "paperwallet" does not?


Given that you've said
there are about a dozen of us [developers] working on this now, along with a few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education
I find it extremely discouraging that you can make such basic errors as those outlined above. The net effect is to make me exceedingly skeptical of not only your overly-broad claims (which cannot be proven nor refuted due to their vague nature), but also of your abilities as mathematicians and cryptographers and even your intentions. Posting your team's professional qualifications (names, degrees, and peer-reviewed publications) would go a long way toward alleviating some of these concerns, even if you choose not to be more specific regarding these alleged vulnerabilities still under investigation.

I also hope that you can specifically address the questions above.
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 14, 2014, 07:02:04 PM
 #208

Hash Hyena, I have a couple of questions / points which I hope you can address. The first is related to your interim key generation recommendations.

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.
1: use vanitygen to generate an address which falls far out of reach of the clustered address space, for example, the odds of your address eventually becoming part of someones catalog if it starts with 11121******************* is 667% more likely to happen then if your address starts with 1iBPq******************* for example.

Given that vanitygen is just another CSPRNG, and therefore flawed by your reasoning, why would you recommend it over any of the others you mention above (all of which use, exclusively or at least in part, the same OS-provided source of entropy)? In fact, vanitygen intentionally decreases entropy when it throws out generated keys which do not match the predetermined pattern, which would (slightly) decrease the security of the generated keys.

2: Use real world high entropy sources, a deck of cards, Hexadecimal dice, numbers and letters pulled from a hat. Myself personally and a few of the guys already on the team for this project we throw darts at a very large dart board that we made that has 0-9, a-f listed about 400 times each in a random pattern on a 4' X 4'  custom dart board we made. The entropy is higher if you are drunk when throwing the darts as your hand eye coordination makes it like trying to hit a moving target  Wink

First of all... how did you generate the random pattern of digits on your dartboard to begin with?

Regardless, any single set of random data is of course itself randomly biased, including your dartboard, and re-using it naively like this (I assume you don't create a new dartboard for each throw) combined with human bias will introduce that bias into its output. For example, it's very likely that there exists a hex digit on your dartboard which occurs less frequently on the periphery than it does towards the middle. Since I presume you'd avoid aiming your darts such that they might miss the dartboard, this hex digit is more likely to occur in your generated output.

In fact, a much better approach which would lead to less biased random numbers (assuming that the individual target boxes are small enough) would be to use a regular repeating pattern for the dartboard, where each 4x4 section contains exactly all 16 hex digits. How is it that nobody on your team caught this?

(This is to say nothing of the fact that throwing 64 darts at a dart board is silly-inefficient compared to just shuffling (well) a deck of cards...)


Next, moving back to your assessment of alternative clients:

"any other" RNG does not really solve the problem as we have found through heavy testing that Armory, Electrum, MultiBit, and just about every other wallet client out there has the same problems. The problem really is ANY RNG that is based on software.

Paperwallet is a better source as it uses coordinates of a mouse on the screen so it has i direct input which affects the output. Something like that built into a wallet client would not be feasible as no person is going to sit behind a PC at bitpay and wiggle a mouse every time someone needs a payment address generated.

First it should be noted that all of the clients you mention above (including BitAddress.org, which is I assume the paper wallet to which you refer) begin with the same source of OS-provided entropy (/dev/random on Linux/BSD or CryptGenRandom on Windows). Even though these two sources of entropy are in part provided by deterministic processes, they also use external human-influenced sources to maintain their internal state, e.g. the starting of programs, the initiating of or receiving of network traffic, the timings of writing to or reading from disks, etc. It is inaccurate to claim that the wallet clients you mentioned do not use significant amounts of human-source entropy.

Next, let's move on more specifically to your assertion that "through heavy testing that Armory ... has the same problems." Given that Armory gathers entropy from some of the same sources [github.com] as "paperwallet" (in fact it gathers entropy from many more human-influenced sources than "paperwallet"), can you explain why Armory has a flawed CSPRNG, whereas "paperwallet" does not?


Given that you've said
there are about a dozen of us [developers] working on this now, along with a few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education
I find it extremely discouraging that you can make such basic errors as those outlined above. The net effect is to make me exceedingly skeptical of not only your overly-broad claims (which cannot be proven nor refuted due to their vague nature), but also of your abilities as mathematicians and cryptographers and even your intentions. Posting your team's professional qualifications (names, degrees, and peer-reviewed publications) would go a long way toward alleviating some of these concerns, even if you choose not to be more specific regarding these alleged vulnerabilities still under investigation.

I also hope that you can specifically address the questions above.

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.
btchris
Hero Member
*****
Offline Offline

Activity: 672
Merit: 501

a.k.a. gurnec on GitHub


View Profile WWW
October 14, 2014, 07:28:09 PM
 #209

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?
HELP.org
Hero Member
*****
Offline Offline

Activity: 510
Merit: 500



View Profile WWW
October 14, 2014, 07:40:41 PM
 #210

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?

5.  You had said using hardware RNG's would only solve part of the problem.  Why?

Certified Bitcoin Professional
Bicoin.me - Bitcoin.me!
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 17, 2014, 01:22:16 AM
 #211

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?

Thank you chris, that is much better

1: With vanitygen you add your own entropy by selecting an address with a 1XXXXXXX prefix, there is nothing random about it short of what comes after 1XXXXXX by selecting XXXXXXX you move yourself out of the over used "random" space

2: I wont argue this, instead i issue a challange, 1, Get drunk, i mean tipsy drunk. 2, attach 5 note cards (3X5) to the wall. 3, stand back 20-25 feet from them. 4, try and hit one, then try and hit the same one again. Smiley    (in short, its fun, and more random than you will get from most other sources)

3: I really dont want to get too much into this one, If your making this claim, i assume you have looked through the entire source code for armory before (prior to their latest 2 releases) so there really is no need for discussion here.

4: Right, and wrong at the same time. We are not making claims nor trying to convince anyone of anything, that would be futile around here to say the least, this is a community filled with sheeple, trolls, and the under educated with a few bright minds mixed in to try and balance it out. We knew this coming in. Instead, we are releasing some of the software we have developed to allow others to do it themselves. As more participate, the "thefts" (hopefully will be returned to their rightful owners upon proving a point) will begin to happen more often, and sooner or later someone will hit something BIG or nail someone of importance and when they speak up, then there will be nothing left to discuss.

 
HELP.org
Hero Member
*****
Offline Offline

Activity: 510
Merit: 500



View Profile WWW
October 17, 2014, 01:40:54 AM
 #212

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?

Thank you chris, that is much better

1: With vanitygen you add your own entropy by selecting an address with a 1XXXXXXX prefix, there is nothing random about it short of what comes after 1XXXXXX by selecting XXXXXXX you move yourself out of the over used "random" space

2: I wont argue this, instead i issue a challange, 1, Get drunk, i mean tipsy drunk. 2, attach 5 note cards (3X5) to the wall. 3, stand back 20-25 feet from them. 4, try and hit one, then try and hit the same one again. Smiley    (in short, its fun, and more random than you will get from most other sources)

3: I really dont want to get too much into this one, If your making this claim, i assume you have looked through the entire source code for armory before (prior to their latest 2 releases) so there really is no need for discussion here.

4: Right, and wrong at the same time. We are not making claims nor trying to convince anyone of anything, that would be futile around here to say the least, this is a community filled with sheeple, trolls, and the under educated with a few bright minds mixed in to try and balance it out. We knew this coming in. Instead, we are releasing some of the software we have developed to allow others to do it themselves. As more participate, the "thefts" (hopefully will be returned to their rightful owners upon proving a point) will begin to happen more often, and sooner or later someone will hit something BIG or nail someone of importance and when they speak up, then there will be nothing left to discuss.

 


This is worthless, you never give reasonable answers.

Certified Bitcoin Professional
Bicoin.me - Bitcoin.me!
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 17, 2014, 01:58:25 AM
 #213

TL/DR

If you can clean it up into a short list of direct questions i can reply, but i am not reading through that entire mess to find the questions.

Thank you.

Cryptography is a complex subject, and cannot always be discussed in 5-word sentences (I even bolded the parts that actually needed addressing). I will try, but you may not like the results.

1. You claim nearly all CSPRNG is flawed. Then, as a workaround, you recommend vanitygen, which uses a.... CSPRNG (a fairly common one, OpenSSL). Can you explain the difference?

2. Your dartboard scheme for creating entropy is slow and biased, the sort of thing no cryptographer would ever come up with. Why did you?

3. You claim that "paperwallets" are superior because they use entropy from a mouse. You cite a bunch of wallet clients you claim to have found "through heavy testing" to be faulty, and yet every one that you cited also uses real-world entropy, just like "paperwallets". Armory, in particular, uses mouse input plus several other sources of real-world entropy. How could a cryptography expert miss this fact?

4. You've made extraordinary claims. If you are unwilling or unable to provide extraordinary proof (which is understandable for a work-in-progress), you will likely be ridiculed unless you can at least provide extraordinary professional credentials for your "few dozen mathematicians, statisticians, and even a half dozen cryptographers with over 45 years combined education." Why have you done neither?

Is that better?

Thank you chris, that is much better

1: With vanitygen you add your own entropy by selecting an address with a 1XXXXXXX prefix, there is nothing random about it short of what comes after 1XXXXXX by selecting XXXXXXX you move yourself out of the over used "random" space

2: I wont argue this, instead i issue a challange, 1, Get drunk, i mean tipsy drunk. 2, attach 5 note cards (3X5) to the wall. 3, stand back 20-25 feet from them. 4, try and hit one, then try and hit the same one again. Smiley    (in short, its fun, and more random than you will get from most other sources)

3: I really dont want to get too much into this one, If your making this claim, i assume you have looked through the entire source code for armory before (prior to their latest 2 releases) so there really is no need for discussion here.

4: Right, and wrong at the same time. We are not making claims nor trying to convince anyone of anything, that would be futile around here to say the least, this is a community filled with sheeple, trolls, and the under educated with a few bright minds mixed in to try and balance it out. We knew this coming in. Instead, we are releasing some of the software we have developed to allow others to do it themselves. As more participate, the "thefts" (hopefully will be returned to their rightful owners upon proving a point) will begin to happen more often, and sooner or later someone will hit something BIG or nail someone of importance and when they speak up, then there will be nothing left to discuss.

 


This is worthless, you never give reasonable answers.

^^ AWWWWW you hurt our feelings  Kiss
bitpop
Legendary
*
Offline Offline

Activity: 2506
Merit: 1045


https://keybase.io/bitpop


View Profile WWW
October 17, 2014, 02:07:46 AM
 #214

Stop beating around the Bush, disclose your findings

Reputation  |  PGP  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 17, 2014, 02:20:39 AM
 #215

Stop beating around the Bush, disclose your findings

You're kidding right?

We already did. But let me summarize it for you.

There are a lot of wallet clients in existence that use faulty PSRNG's. The easiest way to find and "prove" this is to parse the blockchain for a list of all addresses ever used. Then group them by the first X characters, (we use X=6 as that is still quite easy to generate using most brute force tools including vanitygen)

Then turn your list into a bar graph, you will find that LARGE amounts of addresses fall in a very small portion of address space.

Because of this, you are cutting out a HUGE portion of the space if you are trying to brute force an address for 1. but most importantly you are opening yourself up to a "birthday attack" of sorts as it is not difficult by any means to compile massive lists of address/private key when your target is only address that start with 1xxxx,1xxxxx,1xxxxx, etc.......

On second thought, we already covered this, i dont feel i need to write it all out again.

The processes is simple, check the address before you database it for a positive balance, then monitor the database in real time for any incoming transactions. (there is a reason satoshi dice is keeping all of its coins in vanity addresses)
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2366
Merit: 1143



View Profile
October 17, 2014, 02:22:42 AM
 #216

Care to comment on the following hardware RNGs?

http://www.entropykey.co.uk/
https://www.tindie.com/products/ubldit/truerng-hardware-random-number-generator/
http://ubld.it/products/truerng-hardware-random-number-generator/

I might buy the last one.

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 17, 2014, 02:32:31 AM
 #217


DABS,

THANK YOU. Seriously !!!!!!!!!!!!!!!

Yes, i can comment.

The avalanche effect in a semiconductor junction is probably one of the better known sources of Entropy in terms of hardware. I myself and a few of the team own TrueRNG's.

Not all HWRNG's are created equally, and some are more faulty that PSRNG's when you look at the bitmap analysis. (part of the reason why the bad ones dont show it openly)

In my opinion of course, i would say the TrueRNG is worth the money if you intend on storing any real money in something protected by cryptography.

Some of the better HWRNG's that are more secure use ambient noise at the time of reading to generate entropy as well. Go sit in a crowded coffee shop and generate your keys with it and you are for sure secure. I use to have one myself (super expensive) until i spilled coffee on it.
bitpop
Legendary
*
Offline Offline

Activity: 2506
Merit: 1045


https://keybase.io/bitpop


View Profile WWW
October 17, 2014, 02:38:46 AM
 #218

Good info. Now you alluded to armory having something in its source code that was recently fixed. What was it?

Reputation  |  PGP  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Dabs
Staff
Legendary
*
Offline Offline

Activity: 2366
Merit: 1143



View Profile
October 17, 2014, 02:41:49 AM
 #219


If you want to tip me, you can send me one them cute USB devices. Smiley

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
Hash Hyena
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
October 17, 2014, 03:09:11 AM
 #220

Good info. Now you alluded to armory having something in its source code that was recently fixed. What was it?

Read the release notes, They dont hide what they do, and when they have errors. Believe that when the armory team finds a problem with their client that involves security, it gets patched IMMEDIATELY before anything else is done. Armory may not have always been the safest, but they are the best from a business standpoint at taking care of their problems, and they are very quickly becoming the most secure wallet client a person can have, although they are not quite there yet.
Pages: « 1 2 3 4 5 6 7 8 9 10 [11] 12 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!