Bitcoin Forum
June 14, 2024, 03:30:31 PM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: « 1 ... 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 ... 149 »
  Print  
Author Topic: Re: [AXIOM] AxiomMemHash, Schnorr Sigs Implemented, APOS 3.0, AXH 2.0 Proposed  (Read 204910 times)
Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 04:06:12 PM
 #1381

maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
go6ooo1212
Legendary
*
Offline Offline

Activity: 1512
Merit: 1000


quarkchain.io


View Profile
August 02, 2015, 04:12:20 PM
 #1382

maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

It were encrypted "ages ago" and the pass was strong , very strong. It was zipped and downloaded from my appdata folder....
EDIT: I know your releases are legit, following your work long time ago...
jc12345
Legendary
*
Offline Offline

Activity: 1638
Merit: 1013


View Profile
August 02, 2015, 04:15:25 PM
 #1383

I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.

Ok, answer the following for me:

1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to?

Sure I can:

1) The lenght is 256 bit or 32 bytes if you like
2) The input for the hash function that produces the private key can be from human input or from a (strong) random generator (that is built into the wallet)
3) If I understand this question right: In both situations
4) It is not about getting the users wallet password with a rainbow table. See answer 2 where it is possible to have human input (so called brain wallet) for the hash function that results in the private key. Also see the details of the sausage example.




It is only in the case of where a private key of a public/private key pair is a function of a human input, that the redundancy of the user's language could potentially cause a reduction of the key space. If you do the maths it is not feasible to create a rainbow table for 256bits and in addition there is not enough computing power in existence today to attempt that.
keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 04:18:47 PM
 #1384

I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.

Ok, answer the following for me:

1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to?

Sure I can:

1) The lenght is 256 bit or 32 bytes if you like
2) The input for the hash function that produces the private key can be from human input or from a (strong) random generator (that is built into the wallet)
3) If I understand this question right: In both situations
4) It is not about getting the users wallet password with a rainbow table. See answer 2 where it is possible to have human input (so called brain wallet) for the hash function that results in the private key. Also see the details of the sausage example.




It is only in the case of where a private key of a public/private key pair is a function of a human input, that the redundancy of the user's language could potentially cause a reduction of the key space. If you do the maths it is not feasible to create a rainbow table for 256bits and in addition there is not enough computing power in existence today to attempt that.

Of course that is true, but I did not say that a rainbow table is good for brute forcing the complete 256bit space. In fact it is pretty worthless in that case. (Although it might be fun to do it)

jc12345
Legendary
*
Offline Offline

Activity: 1638
Merit: 1013


View Profile
August 02, 2015, 04:18:56 PM
 #1385

maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

You can use a PGP/GPG key pair to sign the binary. Then you must just make sure that someone trustworthy has signed your key. Perhaps you have gone through a key party in the past? You can generate a key pair with several tools eg. Kleopatra.
keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 04:21:55 PM
 #1386

maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

You can use a PGP/GPG key pair to sign the binary. Then you must just make sure that someone trustworthy has signed your key. Perhaps you have gone through a key party in the past? You can generate a key pair with several tools eg. Kleopatra.

If you are willing to spend the money, you can buy a code signing certificate from one of the CSP's

https://www.digicert.com/code-signing/

Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 04:22:29 PM
 #1387

i never build linux binaries, source code is made for that... just built one for my shield tablet today ^^

for windows its another problem... i dont want to force users to install vstudio or mingw64

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 04:29:24 PM
 #1388

yep, not really cheap... 330$/yr to be "trusted" by smartscreen pfff and ... not by antiviruses :;p

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 04:35:02 PM
 #1389

yep, not really cheap... 330$/yr to be "trusted" by smartscreen pfff and ... not by antiviruses :;p

The main thing is that users can determine if it is from the original source. The smartscreen trust is not really worth something and antivirus is not dependend of digital signatures. And yes, it is very expensive for personal use.

keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 04:40:52 PM
 #1390

@Dev: Can you please tell what random generator you use for generating private keys? I can wrestle myself through code here, but it is more efficient to just ask.

Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 04:45:53 PM
 #1391

even the apple store one is cheaper than that, paying 100$ is the max i can...

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 04:53:23 PM
 #1392

even the apple store one is cheaper than that, paying 100$ is the max i can...

Maybe startssl is an option for 59 dollar per year: http://www.startssl.com/  check out "StartSSL™ Verified"

Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 04:58:40 PM
 #1393

better, and seems to allow https too... will try their free one first

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
chrysophylax
Legendary
*
Offline Offline

Activity: 2828
Merit: 1091


--- ChainWorks Industries ---


View Profile WWW
August 02, 2015, 05:00:33 PM
 #1394

The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

chrysophylax
Legendary
*
Offline Offline

Activity: 2828
Merit: 1091


--- ChainWorks Industries ---


View Profile WWW
August 02, 2015, 05:02:23 PM
 #1395

maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

yup - can trust his compiles AND the mans word implicitly ...

not sure how you would do that epsylon3 ...

#crysx

keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 05:03:39 PM
 #1396

better, and seems to allow https too... will try their free one first

I already have the free one and it is a perfect solution for personal ssl websites. On the other hand, the free version can not do code signing. (Technicaly possible, but restricted by the key usage)

Epsylon3
Legendary
*
Offline Offline

Activity: 1484
Merit: 1082


ccminer/cpuminer developer


View Profile WWW
August 02, 2015, 05:14:57 PM
 #1397

The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...

BTC: 1FhDPLPpw18X4srecguG3MxJYe4a1JsZnd - My Projects: ccminer - cpuminer-multi - yiimp - Forum threads : ccminer - cpuminer-multi - yiimp
keesdewit
Copper Member
Hero Member
*****
Offline Offline

Activity: 1024
Merit: 513

txbit.io - cryptocurrency exchange


View Profile WWW
August 02, 2015, 05:19:49 PM
 #1398

The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...

Still I think it is in the RPC interface somewhere. He had it open for the internet like me and with the same result. Does the wallet create logging of RPC commands?

ocminer
Legendary
*
Offline Offline

Activity: 2660
Merit: 1240



View Profile WWW
August 02, 2015, 05:31:12 PM
 #1399

The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...

Still I think it is in the RPC interface somewhere. He had it open for the internet like me and with the same result. Does the wallet create logging of RPC commands?

Yes, in debug.log

suprnova pools - reliable mining pools - #suprnova on freenet
https://www.suprnova.cc - FOLLOW us @ Twitter ! twitter.com/SuprnovaPools
go6ooo1212
Legendary
*
Offline Offline

Activity: 1512
Merit: 1000


quarkchain.io


View Profile
August 02, 2015, 05:31:48 PM
 #1400

Apologies to Epsylon , it wasn't his miner , the Axiom's minerd.exe were copyed into Epsylon's directory - that confused me before. The hacker were archive all the wallets contented info the appdata folder.
2 wallets were drown , 1 of them were encrypted and unlocked only for staking. The other was never locked ( my mistake)...
Pages: « 1 ... 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 ... 149 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!