Bitcoin Forum
August 21, 2018, 08:07:06 PM *
Author Topic: IOTA  (Read 1315789 times)
Come-from-Beyond
December 23, 2015, 12:10:41 PM
 #1261

So 'qwert999999999999999999' was thought to be more than 20 characters, but it is just 'qwert' 5 characters. I think the average people should know that.

It doesn't look like "randomized order".
LiQio
December 23, 2015, 12:17:41 PM
 #1262

So 'qwert999999999999999999' was thought to be more than 20 characters, but it is just 'qwert' 5 characters. I think the average people should know that.

It doesn't look like "randomized order".

Come on CfB you know what we mean:
"bupqcn01srbheze1o999" is randomized and fulfills your password suggestion before, but not after, disclosing the "trailing 9"-thing.
:)
Come-from-Beyond
December 23, 2015, 12:21:59 PM
 #1263

Come on CfB you know what we mean:
"bupqcn01srbheze1o999" is randomized and fulfills your password suggestion before, but not after, disclosing the "trailing 9"-thing.
:)

The security of this password is more than 80 bits; it's more than the security of the password used by me LOL.
LiQio
December 23, 2015, 12:30:28 PM
 #1264

Come on CfB you know what we mean:
"bupqcn01srbheze1o999" is randomized and fulfills your password suggestion before, but not after, disclosing the "trailing 9"-thing.
:)

The security of this password is more than 80 bits; it's more than the security of the password used by me LOL.

bupqcn01srbheze1o999 -> 81 bits
bupqcn01srbheze1o -> 71 bits

=> mention it.
Come-from-Beyond
December 23, 2015, 12:43:57 PM
 #1265

bupqcn01srbheze1o999 -> 81 bits
bupqcn01srbheze1o -> 71 bits

=> mention it.

David will decide; my opinion is that too many details are bad rather than good. If someone managed to send bitcoins then their IQ is high enough to generate a good password.
rlh
December 23, 2015, 12:56:15 PM
 #1266

Sorry for my ignorance, but is "SaM" hashing the full process of taking a clear text string (the user's passphrase) and converting it to an address hash?

Because in your code, you have operations such as 9 hashing rounds x (729 iterations for some left/right calculations + another 729 iterations for left/right index assignments and lookups.)  So, that operation alone is 13,122 operations within your transform method... which gets called multiple times per address.

Again, I need to dig into this and figure out the point of each step in your code, but with the exception of initializing the INDICES table just once, I have to execute all of your code for each address.

I hate to ask for a cheat, but are there other ways that some of this could be cached or simplified for barebones address creation?

SaM is just a hash function - https://github.com/JinnLabs/SaM/blob/master/src/SaM.java. A single hash requires 19683 lookups to F.

FYI, I did a bit of counting.  Your address generator calls your transform() function 101(!) times on the state[] array.  This means that the seed is hashed 101 times.  When I count all of the lookups to F within the transform method, I see 19,683 lookups (which is your number.)  This means that F is accessed 1,987,983 times.

Also, I forgot to stop looking at benchmarks in the debugger (derp!).  My i5 is generating about 21 addresses/sec in Visual Studio while outside of VS I'm getting 108 addresses/sec.


A Personal Quote on BTT from 2011:
"I'd be willing to make a moderate "investment" if the value of the BTC went below $2.00.  Otherwise I'll just have to live with my 5 BTC and be happy. :/"  ...sigh.  If only I knew.
Come-from-Beyond
December 23, 2015, 01:15:32 PM
 #1267

FYI, I did a bit of counting.  Your address generator calls your transform() function 101(!) times on the state[] array.  This means that the seed is hashed 101 times.  When I count all of the lookups to F within the transform method, I see 19,683 lookups (which is your number.)  This means that F is accessed 1,987,983 times.

Also, I forgot to stop looking at benchmarks in the debugger (derp!).  My i5 is generating about 21 addresses/sec in Visual Studio while outside of VS I'm getting 108 addresses/sec.

Some hashings are not necessary to get an address, the logic (not reflected in the code) is:

1. Take a random string of trits
2. Hash it to get a 243-trit account seed
3. By adding 0, 1, 2, ... to the seed and hashing it we get different key seeds
4. By hashing each key seed 9 times we get 27 key fragments (a hash contains 3 keys at once because a key fragment is 81 trits while a hash is 243 trits)
5. Each key fragment must be hashed 27 times; after each hashing only the first 81 trits are taken
6. Once we get 27 key fragments hashed 27 times each, we concatenate them into a 2187-trit string
7. Hashing of this string (requires 9 invocations of the SaM transform function) gives the 243 trits of the address

This method allows deterministic generation of an infinite number of addresses not linked together (for an outside observer) by having a single account seed.
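The seven steps above, sketched as runnable Python. This is an added example, not code from the post or from the SaM repository: SaM is replaced by a SHAKE-256 stand-in, and the index-addition encoding, the hash chaining in step 4 and the sample input trits are assumptions.

```python
import hashlib

HASH_TRITS = 243      # one hash output (from the post)
FRAGMENT_TRITS = 81   # one key fragment (from the post)

def stand_in_hash(trits):
    """NOT SaM: SHAKE-256 reduced to 243 balanced trits (slightly biased, demo only)."""
    data = bytes(t + 1 for t in trits)               # -1,0,1 -> 0,1,2
    digest = hashlib.shake_256(data).digest(HASH_TRITS)
    return [b % 3 - 1 for b in digest]

def add_index(seed, index):
    """Step 3, assumed encoding: balanced-ternary addition, first trit least significant."""
    out, carry, i = list(seed), index, 0
    while carry and i < len(out):
        total = out[i] + carry
        out[i] = (total + 1) % 3 - 1                 # balanced digit in {-1, 0, 1}
        carry = (total - out[i]) // 3
        i += 1
    return out

def account_seed(random_trits):
    return stand_in_hash(random_trits)               # steps 1-2

def derive_address(seed, index):
    h = stand_in_hash(add_index(seed, index))        # step 3: key seed
    fragments = []
    for _ in range(9):                               # step 4: 9 hashes -> 27 fragments
        h = stand_in_hash(h)                         # assumed: each hash feeds the next
        fragments += [h[i:i + FRAGMENT_TRITS] for i in range(0, HASH_TRITS, FRAGMENT_TRITS)]
    joined = []
    for frag in fragments:                           # step 5: 27 rounds, keep first 81 trits
        for _ in range(27):
            frag = stand_in_hash(frag)[:FRAGMENT_TRITS]
        joined += frag                               # step 6: concatenate
    assert len(joined) == 27 * FRAGMENT_TRITS == 2187
    return stand_in_hash(joined)                     # step 7 (SaM needs 9 transforms here)

def demo():
    """Constructed input: a fixed 81-trit string standing in for random trits."""
    seed = account_seed([(i * 7 + i // 3) % 3 - 1 for i in range(81)])
    return [derive_address(seed, n) for n in range(3)]

if __name__ == "__main__":
    for n, addr in enumerate(demo()):
        print(n, "".join("-0+"[t + 1] for t in addr[:27]), "...")
```

Only the account seed has to be stored: every address is recomputed from it and its index, so anyone who learns the seed can derive all of the addresses.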
rlh
December 23, 2015, 02:09:08 PM
 #1268

I had asked a couple questions regarding your comments... I'll dig into this deeper, later.  I'm starting to understand.

Unrelated question regarding your tryte array (tryteTrits): maybe I'm missing the pattern, but what determined the order of these sub-arrays (each containing 3 trits)? If I were to create such an array, it would have looked like:

Code:
int[][] tryteTrits =
    {
        {0,0,0}, {0,0,-1}, {0,0,1},
        {0,-1,0}, {0,-1,-1}, {0,-1,1},
        {0,1,0}, {0,1,-1}, {0,1,1},
        // ...
    };

This seems to be a semi-natural progression of values.  Was there a good, logical reason for the much different ordering of trytes?

Come-from-Beyond
December 23, 2015, 02:15:11 PM
 #1269

I've sent the alpha version code to those who offered their help. The review shouldn't take much time; it was only back-end code. While we are waiting I'll start writing the real (non-reference) version. The difference between these versions is that the latter will be more complex, but optimized.
Come-from-Beyond
December 23, 2015, 02:17:56 PM
 #1270

Unrelated question regarding your tryte array (tryteTrits): maybe I'm missing the pattern, but what determined the order of these sub-arrays (each containing 3 trits)? If I were to create such an array, it would have looked like:

Code:
int[][] tryteTrits =
    {
        {0,0,0}, {0,0,-1}, {0,0,1},
        {0,-1,0}, {0,-1,-1}, {0,-1,1},
        {0,1,0}, {0,1,-1}, {0,1,1},
        // ...
    };

This seems to be a semi-natural progression of values.  Was there a good, logical reason for the much different ordering of trytes?

Your order gives the following numerical values:

 0  26   1
24  23  25
 3   2   4
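The grid in the reply can be reproduced as follows. This is an added example, not part of either post: the encoding (first trit most significant, negative values wrapped into 0..26) is an assumption inferred from the nine numbers given, and the continuation of the proposed ordering past the elided "..." is assumed to follow the same 0, -1, 1 cycle.

```python
from itertools import product

def tryte_value(trits):
    """Numeric value of a 3-trit tryte; first trit most significant (assumed),
    negative values wrapped into 0..26 (assumed)."""
    a, b, c = trits
    return (9 * a + 3 * b + c) % 27

def value_to_trits(value):
    """Inverse mapping: 0..26 -> three balanced trits, first trit most significant."""
    signed = value if value <= 13 else value - 27    # fold into -13..13
    trits = []
    for _ in range(3):
        digit = (signed + 1) % 3 - 1                 # balanced digit in {-1, 0, 1}
        trits.append(digit)
        signed = (signed - digit) // 3
    return trits[::-1]

def proposed_order():
    """Ordering from the quoted post: every position cycles 0, -1, 1."""
    return [list(t) for t in product((0, -1, 1), repeat=3)]

def proposed_values():
    return [tryte_value(t) for t in proposed_order()]

def table_by_value():
    """A table whose index equals the tryte's numeric value."""
    return [value_to_trits(v) for v in range(27)]

if __name__ == "__main__":
    vals = proposed_values()
    for row in range(0, 9, 3):
        print(" ".join(f"{v:2d}" for v in vals[row:row + 3]))
```

With the proposed ordering the array index and the numeric value disagree for most entries, so a lookup by value would need a second mapping table.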
rlh
December 23, 2015, 02:26:13 PM
 #1271

comments and questions redacted... I'll figure this out on my own. :P

Come-from-Beyond
December 23, 2015, 03:07:05 PM
 #1272

A script kiddy is playing with our server right now. Hold on.
AltcoinScamfinder
December 23, 2015, 03:13:20 PM
 #1273

A script kiddy is playing with our server right now. Hold on.

When you are successful enough that some 4chan child takes notice, you have come a long way.

FOR RENT.
Come-from-Beyond
December 23, 2015, 03:24:51 PM
 #1274

To those who don't find their address in http://188.138.57.93/old.txt - reenter it again via collect.iotatoken.com, please. No need to resend the payment.
rlh
December 23, 2015, 03:30:20 PM
 #1275

Sorry, I'll try to quiet down in a bit, but regarding code review, should we post our questions here, or via PM?  I already see something that I'd like to explain, but if you'd prefer for review questions to be asked in a private/semi-private manner, let me know.

Come-from-Beyond
December 23, 2015, 03:35:03 PM
 #1276

Sorry, I'll try to quiet down in a bit, but regarding code review, should we post our questions here, or via PM?  I already see something that I'd like to explain, but if you'd prefer for review questions to be asked in a private/semi-private manner, let me know.

PM or Ryver if you need realtime.
Come-from-Beyond
December 23, 2015, 03:53:46 PM
 #1277

There has arisen a little misunderstanding regarding the reviewed code. To make it clear:

1. It's a back-end, some things like transaction signing will be done in front-end, this is why this code is absent
2. It's a reference implementation, some things are not efficient because readability had the highest priority
3. Iota is lightweight literally, it's not a marketing trick. A single transaction format, a single packet format, a single workflow for data sharing - all these things led to little code.
Come-from-Beyond
December 23, 2015, 04:41:45 PM
 #1278

I got some questions about the code, I'll post replies here so other reviewers will see them too.



There are transactions in Iota and their bundles. A bundle = one or several transactions. Every transaction can be a message, an output or an input. A message doesn't change balances and can contain any data. An output is an operation that increases the balance of an address. An input is an operation that decreases the balance of an address.

A typical transaction bundle may look like this:

-500 XXX
+400 YYY
+100 ZZZ
0 For Neuropozyne (50mg)

Here we see that XXX sends 400 iotas to YYY and 100 iotas (change) back to himself. There are 4 transactions, -500 is input and +400 and +100 are outputs. So transactions with negative values are possible. 0-value transactions can be ignored when calculating balances.



The SaM hashing function is my invention. I used the same principle as was used in Keccak aka SHA-3 and followed all the advice that I found in papers analyzing the security of other hash functions. It doesn't guarantee that SaM is cryptographically secure; it's impossible to prove that a particular hashing function is secure (unless it's a balanced bent function, which doesn't actually exist), only time can increase assurance that SaM is secure. There is no other trinary function which suits our needs, so not much choice here.

If we assume that SaM is cryptographically secure then the rest is secure (to some degree defined by the signer), because Iota uses the Winternitz one-time signature scheme, which is well-studied.



We already contacted cryptographers asking them to review SaM but this process is long, also they, of course, are busy with their own stuff.


WorldCoiner
December 24, 2015, 10:10:39 AM
 #1279

Very interesting and new concept Come-from-beyond. Thanks for keeping us in the loop here.

Merry Christmas IOTA-Team!

Co-Host of the Altcoin Meetup Switzerland
Director at Forctis AG - Building the next revolution in Blockchain: Forctis.io
Strategic Advisor of the Blockchain projects Smart Containers and Mt Pelerin
superresistant
December 24, 2015, 11:33:08 AM
 #1280

 
[solved]
I am not sure I understand this step:

type the address that you just generated into the form below. Hit 'Send' to get the amount of satoshis to transfer in order to verify your ownership.

Can someone rephrase this?

I never got "the amount of satoshis to transfer in order to verify my ownership"; is it a bug? I only get a blank page.
I guess the server is saturated with requests... I'll try later.


EDIT: I forgot to remove the space before the last 2 letters so the site didn't recognize my address. Thanks Come-from-Beyond.