Author Topic: Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!!  (Read 13588 times)
K1773R
December 26, 2012, 12:39:52 PM
 #161

alright, I'm pissed off creating wordlists (got 27 now...), going to sleep. cya @ 200 confirmations or later (introducing a new way for meetings? :) )
ty to all who helped (especially phr33) and ty CIYAM for such an awesome contest.

[GPG Public Key]
BTC/DVC/TRC/FRC: 1K1773RbXRZVRQSSXe9N6N2MUFERvrdu6y ANC/XPM AK1773RTmRKtvbKBCrUu95UQg5iegrqyeA NMC: NK1773Rzv8b4ugmCgX789PbjewA9fL9Dy1 LTC: LKi773RBuPepQH8E6Zb1ponoCvgbU7hHmd EMC: EK1773RxUes1HX1YAGMZ1xVYBBRUCqfDoF BQC: bK1773R1APJz4yTgRkmdKQhjhiMyQpJgfN
CIYAM (OP)
Ian Knowles - CIYAM Lead Developer
December 26, 2012, 12:40:59 PM
 #162

The difference is that you can easily calculate the entropy of a brainwallet. Your function however not so much. So you won't know how secure it is.

That was exactly the point of this "challenge" in the first place (to test the concept for real and of course as stated this is not for "Gavin's grandma" but instead for highly creative minds which I think in the Bitcoin world we have many).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
BkkCoins
December 26, 2012, 12:41:25 PM
 #163

I'll happily put it in bold:
Python for the win!  :D

Kidding aside, it's generally a good idea to use as high level library functions as possible, e.g. in my case use itertools to create and iterate the list, rather than doing things manually. If you have a problem, you can bet someone already had a similar one, AND came up with a quicker solution than you would in 15 minutes   :D
You're probably right there but I also just realized I'm likely on a much slower machine. I don't feel so bad. On the other hand I commented out the sha256 calls and it still took 1m 41s. So obviously I'm to blame.

(But my code also allows for partitioning - so I can say give me any range by count, for splitting across several GPUs or instances)

BkkCoins
December 26, 2012, 12:43:20 PM
 #164

I don't see how this is not a brainwallet too. It would be like creating an electrum 10 word passphrase, remembering only 4 of them and writing 6 of them down on a piece of paper.

You're just adding the entropy either way.

It is indeed a "brainwallet" of sorts but I think it is a much better one - if I am so wrong then I would have thought that the 10 BTC would have already been moved by now.

I think you have to allow more time. If someone could crack my Electrum wallet seed in 24 hours I'd call it useless.

CIYAM (OP)
December 26, 2012, 12:45:43 PM
 #165

I think you have to allow more time. If someone could crack my Electrum wallet seed in 24 hours I'd call it useless.

Understood - that is why I am not giving the next hint until confirmation # 200 and that next hint may not be the last one either (really I just didn't want to drag this out too long in the same way that Mike Caldwell handled his similar challenge but if you guys think that it is worthwhile then we can keep at it - understand that in the *real* version the brute force cracking is going to be a hell of a lot tougher than for this trial - and we can have a challenge for that if people are interested in let's say 50 BTC).

phr33
December 26, 2012, 12:53:10 PM
 #166

The difference is that you can easily calculate the entropy of a brainwallet. Your function however not so much. So you won't know how secure it is.

Good point.

People are using their own secret key obfuscating functions all the time. Here are some popular ones:
  • Repeat the password twice
  • Append 123 at the end
  • Replace o with 0, t with 7, e with 3 etc. A.k.a. 1337-language

Some ppl might think that these things make their passwords much much stronger. Little do they know that all these cases are covered in a modern dictionary attack and therefore only add a few bits extra security.

You are suggesting some more advanced modification that is unlikely to be guessed. It's basically a part of your key and must either be protected or remembered.

We will not crack this challenge as long as you have your algorithm protected!

My BTC input: 1GAtPwoTGPQ35y9QugJueum5GzaEzLYjiQ
My GPG ID: B0CCFD4A
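
phr33's point above about the repeat, append-123 and 1337 substitutions, worked through as an added example (not code from the thread or from any poster): a strength check that undoes those three rules before estimating entropy. The wordlist is a constructed sample and `ASSUMED_DICT_SIZE` is an assumed dictionary size.

```python
import math
from itertools import product

# Constructed sample wordlist; a real audit would load a large dictionary.
WORDLIST = {"password", "bitcoin", "letmein", "satoshi", "dragon"}
ASSUMED_DICT_SIZE = 1_000_000          # assumption: size of a realistic wordlist
UNLEET = str.maketrans("073", "ote")   # inverse of o->0, t->7, e->3

def strip_123(s):
    return s[:-3] if s.endswith("123") else None

def unrepeat(s):
    half = len(s) // 2
    return s[:half] if half and len(s) % 2 == 0 and s[:half] == s[half:] else None

def unleet(s):
    t = s.translate(UNLEET)
    return t if t != s else None

# Undo rules in reverse order of application: suffix, then repeat, then 1337.
RULES = (strip_123, unrepeat, unleet)

def demangle(password):
    """Return the dictionary word hiding behind `password`, or None."""
    for mask in product((False, True), repeat=len(RULES)):
        cand = password
        for use, rule in zip(mask, RULES):
            if use and cand is not None:
                cand = rule(cand)
        if cand in WORDLIST:
            return cand
    return None

def naive_bits(password):
    """Length x log2(character pool): what a simple strength meter reports."""
    pool = sum(size for test, size in (
        (str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
        (lambda c: not c.isalnum(), 33)) if any(test(c) for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

def effective_bits(password):
    """Bits against a dictionary attack that also tries every rule combination."""
    if demangle(password) is None:
        return naive_bits(password)
    return math.log2(ASSUMED_DICT_SIZE) + len(RULES)   # each on/off rule adds 1 bit

if __name__ == "__main__":
    for pw in ("l37m3inl37m3in123", "aB3x"):
        print(pw, round(naive_bits(pw), 1), round(effective_bits(pw), 1))
```

The 17-character mangled password scores about 88 bits on the naive meter but about 23 bits once the three rules are modelled, roughly the same as a random 4-character alphanumeric password like the one in this contest (about 23.8 bits).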
CIYAM (OP)
December 26, 2012, 12:54:46 PM
 #167

We will not crack this challenge as long as you have your algorithm protected!

Precisely!

As the Electrum guys say "protect the seed"! :)

CIYAM (OP)
December 26, 2012, 01:28:04 PM
 #168

BTW - I'd like to pass on a special thank you to the mods for allowing this thread to stay in Bitcoin Discussion.

Bitcointalk is a pretty awesome place to be!

:)

CIYAM (OP)
December 26, 2012, 02:06:39 PM
Last edit: December 26, 2012, 02:44:42 PM by CIYAM Pty. Ltd.
 #169

For those wondering exactly where I am headed with this concept - it is to ideally present to an end user a list of questions that will be able to then be used to automatically modify the password hashing script to generate an algorithm in a manner that is very secure (on a secured computer of course - more to come on this in the CIYAM Open thread) without too much effort (but the end user's creativity is and will always be the *key* ingredient with this approach).

I never said that this would be a trivial matter (or that this is the best solution to the problem) but I hope that this challenge has at least shown that the idea has some merit.

Also using this method I am fairly sure that I've now managed to secure all of CIYAM Open's future BTC tx's for an outlay of under 100 USD (shitty old notebooks are cheap here in China - but you should have seen the look on the salesman's face when my wife asked for the WiFi card to be *removed* because "she hates the internet" :D ).

K1773R
December 26, 2012, 06:05:53 PM
 #170

For those wondering exactly where I am headed with this concept - it is to ideally present to an end user a list of questions that will be able to then be used to automatically modify the password hashing script to generate an algorithm in a manner that is very secure (on a secured computer of course - more to come on this in the CIYAM Open thread) without too much effort (but the end user's creativity is and will always be the *key* ingredient with this approach).

I never said that this would be a trivial matter (or that this is the best solution to the problem) but I hope that this challenge has at least shown that the idea has some merit.

Also using this method I am fairly sure that I've now managed to secure all of CIYAM Open's future BTC tx's for an outlay of under 100 USD (shitty old notebooks are cheap here in China - but you should have seen the look on the salesman's face when my wife asked for the WiFi card to be *removed* because "she hates the internet" :D ).

I think you did read the "Security by Obscurity" wiki entry. At last ur bound to a 64 alpha numeric password which is long enough to not be crackable by a dictionary nowadays (and the future, unless something drastically changes). Real Security comes by a good Design and not Obscurity, let's take scrypt as example -> scrypt takes compared to other hashing algos very long to complete. Now take a look at Armory for example where a scrypt hash (u define the scrypt parameters) of ur password is your deterministic wallet key. Now if scrypt is broken (there are collisions/attacks possible) then ur whole wallet gets insecure. A good way to take care of it is wrapping/nesting good (not a bad one, there are hashing algos that tell of what input they are generated which would be a major drawback!) hashing algos. Casascius (Mike) was talking about this too i guess. If you do this the sheer amount of hashes you have to crack is so big that it isn't worth trying and it would be easier to search for a collision.

Pls let cryptography specialists/programmers/hackers decide if it's safe or not, i see it so often that some dev thinks a hashing way is safe and uses it everywhere (i had to fix a hacked system at my company, some stupid dev used base64 to "encrypt" the password) until u see it's broken. Therefore picking a good way to Hash ur password and store it accordingly is the key to success.

PS: sry for typos, just woke up!

BkkCoins
December 26, 2012, 06:21:56 PM
 #171

just guessing here:

let's say the 4 character password is 1234
the changed line simply means multiple times the password, but at least 2.
so it could be

12341234 or 123412341234 or 1234123412341234 or ...

so the brute force must hash all aaaaaaaa to ZZZZZZZZ and try as password
then hash all aaaaaaaaaaaa to ZZZZZZZZZZZZ and try as password
then hash all aaaaaaaaaaaaaaaa ...
No. The line in that script is bash code and it forms a string to be hashed. So the brute force needs to scan ranges made up of any a-z, A-Z, and 0-9 but only 4 chars. Then it substitutes each pwd attempt into the pattern used in the script eg.  aaaa+aaaa=aaaaaaaa@L3AsT, except we know it's not that exact pattern. We have clues that likely it's the @L3AsT part that has changed but how is not known.

At least one person has tried over 200 variations on that line and still not found the right one. I've only tested about 10 variations but now that my pwd hashing code is working I can provide patterns in a file and it will run on them in sequence.

Just for interest these are the ones I've tried so far with no luck:

Code:
%s+%s=%s%s@L3AsT
%s+%s=%s%s(at least)
%s+%s=%s%s(atleast)
%s+%s=%s%s(@L3AsT)
%s+%s=%s%s(@L3asT)
%s+%s=%s%s(@Least)
%s+%s=%s%s(@LeasT)
%s+%s=%s%s(atL3AsT)
%s+%s=%s%s(at L3AsT)
%s+%s>%s%s
%s+%s>=%s%s

I guess I'll throw a bunch more in and let it spin. It's only running on one GPU as I couldn't get multiple to work. Not sure why but stops with some crash code.



CIYAM (OP)
December 26, 2012, 09:02:10 PM
 #172

Well it's very early now in Beijing but woke up wondering whether the 10 BTC was still there - and amazingly it still is (and I see now only another 15 confirmations before the next hint).

Although I respect the skepticism of any "brainwallet" approach I do hope that this "putting my money where my mouth is" approach will at least convince some that the idea can work (although even my much improved script could itself be improved through the use of say scrypt).

hazek
December 26, 2012, 11:18:33 PM
 #173

Is anyone interested in an address that contains 230 satoshis? It's in an electrum wallet I'm about to delete and can't be bothered to try and salvage them without paying a fee, so if anyone wants them, they can have the wallet and get them!

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
K1773R
December 26, 2012, 11:22:03 PM
 #174

Is anyone interested in an address that contains 230 satoshis? It's in an electrum wallet I'm about to delete and can't be bothered to try and salvage them without paying a fee, so if anyone wants them, they can have the wallet and get them!
sure ;) ty already.
Good opportunity to hack around with electrum.

CIYAM (OP)
December 26, 2012, 11:52:09 PM
 #175

Just woke up again to find that we are at confirmation # 202 so here is the next hint:

Code:
1p+1p!=pp

K1773R
December 27, 2012, 12:00:21 AM
 #176

Just woke up again to find that we are at confirmation # 202 so here is the next hint:
Code:
1p+1p!=pp
and we still got tons of stuff to test :P this gonna be fun

CIYAM (OP)
December 27, 2012, 12:01:11 AM
 #177

BTW don't know if you guys have read this: https://bitcoinfoundation.org/blog/?p=58

but I think a case could be made for some "grant" coins towards creating a GUI that could assist with creating a secret such as that so far elusive changed equation in my bash script.

CIYAM (OP)
December 27, 2012, 12:18:31 AM
 #178

Next hint to be posted after 400 confirmations (unless there is consensus here for me to give it earlier).

K1773R
December 27, 2012, 12:45:05 AM
 #179

Next hint to be posted after 400 confirmations (unless there is consensus here for me to give it earlier).

"Solve a riddle, guess a 4 char password and add 10 BTC to your xmas stocking!" <-- why not "Solve a riddle, bruteforce a 4 char password with an unknown salt and add 10 BTC to your xmas stocking! )"
dunno what to test, tested so many patterns.
Did you change ${password} too? asking because of the 1p.

CIYAM (OP)
December 27, 2012, 12:48:01 AM
 #180

"Solve a riddle, guess a 4 char password and add 10 BTC to your xmas stocking!" <-- why not "Solve a riddle, bruteforce a 4 char password with an unknown salt and add 10 BTC to your xmas stocking! )"

All will be revealed in time but I will add now that the title of this topic was not inaccurate.

:)
