10 BTC 4 U 2 STEAL - Protected by a weak 5-letter password - crack & it's yours!

[kokojie]

Found a scrypt implementation for Python written in C, so it should be pretty fast.  100 attempts in 52 sec on my Mac.  Still, that will take 44 days if I had 52 CPUs to run on.  Giving that I still have to implement all the rest of the BIP key decryption in Python (I planned to steal most of it from Armory), I doubt that I will be first to collect the price (and I don't have 52 CPUs to spare).  So I pass.  But it was fun to looking into this.

Yeah that's still pretty slow, though once casascius reveals more information, your script may be the fastest.

[kokojie]

scrypt sounds like a great encryption algorithm, even 5 letter passwords take so long to crack. Why isn't this in wide spread use for password encryption?

[Come-from-Beyond]

scrypt sounds like a great encryption algorithm, even 5 letter passwords take so long to crack. Why isn't this in wide spread use for password encryption?

It wasn't analyzed so intensively like, say, SHA-256.

[Evan]

Found a scrypt implementation for Python written in C, so it should be pretty fast.  100 attempts in 52 sec on my Mac.  Still, that will take 44 days if I had 52 CPUs to run on.  Giving that I still have to implement all the rest of the BIP key decryption in Python (I planned to steal most of it from Armory), I doubt that I will be first to collect the price (and I don't have 52 CPUs to spare).  So I pass.  But it was fun to looking into this.

I don't have 52 CPUS to crack with but I do have a Server with two E7-8850 so thats 40 CPUs for you.

Also if you could force this to run via a Nvidia Cuda set up  I am sure the 1536+ cores my GPU have could crack that in a few rounds

[casascius]

The capitalization pattern is: AaAaA

[Elxiliath]

Now to figure out what it could be.    I love this app by the way, saves me using photoshop to manually put in all these QR codes when I generate bills.

[Chloride]

I don't know if it helps anyone, but I wrote a quick java program to generate a list dictionary file (plain .txt format) of all possible passwords in the format "AaAaA".

If someone wants to try using it, I'll be happy to give it to them in return for 1 or 2 btc if you managed to crack it.

[Trader Steve]

So who is sending micro-payments to the address? Are these clues from Mike?

[enquirer]

I can only tell you that Amazon Extra-Large High-CPU instances are a rip off!
Not faster than a $500 home computer.
And that password is not in a dictionary.

[Chloride]

I can only tell you that Amazon Extra-Large High-CPU instances are a rip off!
Not faster than a $500 home computer.
And that password is not in a dictionary.

He has stated that the password is 5 letters long, in the format of "AaAaA".
I simply generated a textfile containing every combination of letters in the format, it amounts to ~90mb in a .txt file.
Not so much a dictionary as a list of all possible results.

[runlinux]

im getting about 2 results a second on my 4.5GHz 3960X. We'll how it fairs in the morning. for some reason, its only using 50% of the CPU... time to dig into some code

[Raize]

Mike, I'm interested in more what you're doing with these paper wallets. Is the idea to let us print our own paper currency for exchange between friends and family without having to even own a client?

[casascius]

So who is sending micro-payments to the address? Are these clues from Mike?

I'm not sending the micro-payments.  Amusing though.

[HotDiggityDawg]

So who is sending micro-payments to the address? Are these clues from Mike?

I'm not sending the micro-payments.  Amusing though.

Well damn, and I thought I was onto something!

[casascius]

Mike, I'm interested in more what you're doing with these paper wallets. Is the idea to let us print our own paper currency for exchange between friends and family without having to even own a client?

Yeah, that's one typical use case... there are many others, and quite honestly I expect that there will be many use cases I haven't thought of, that somebody else will.

The password aspect makes it useful for much bigger amounts.  "Here Abby, here's the 165 BTC you bought from me when they were $6 that I've been holding all this time for you.  Now there is a new way I can just give it to you as bills, just in case you'd like to spend a couple of them on the internet without having to ask me for them, since they're money after all.  There are ten BTC10 bills and thirteen BTC5's.  The password is (some phrase based on an inside joke).  Don't worry if you lose these, because as long as you don't lose the password with them, I can always bail you out for whatever you haven't spent, since I made a copy and will remember the password too."  (then shove my copy of her bills in a safe deposit box and then I can stop mentally subtracting her BTC from my own wallet balance as a liability, or worrying I'll ever lose track or ability to give her her money)

[hardcore-fs]

So who is sending micro-payments to the address? Are these clues from Mike?

I'm not sending the micro-payments.  Amusing though.

Well damn, and I thought I was onto something!

LOL, if you dug a little deeper you would be.

[Shermo]

My implementation is down to 30hours with the new information... do-able now

[Shermo]

Crap I just realised I've been reading my time estimates wrong / outputting them not how I thought... actually, I'm at 30 DAYS not hours... bah!

[casascius]

Crap I just realised I've been reading my time estimates wrong / outputting them not how I thought... actually, I'm at 30 DAYS not hours... bah!

I anticipate offering another difficulty drop soon.  But will post a time before providing one of major value.

[Come-from-Beyond]

OMG. Is there any REAL hacker?